Ensure internal load balancing is enabled for Azure App Service Environment

MEDIUM

Description

Disabling internal load balancing for Azure App Service Environments may lead to lower availability of applications.

Remediation

Configuration of the Internal Load Balancing for App Service networks can be achieved after configuring some prerequisites, such as creating DNS entries and launching an application gateway. To configure this feature, follow the steps in the Azure documentation (below).

In Terraform -

In the azurerm_app_service_environment resource, set internal_load_balancing_mode to either Web or Publishing.

References:
https://learn.microsoft.com/en-us/azure/app-service/environment/integrate-with-application-gateway#configure-an-application-gateway-integration-with-ilb-ase
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service_environment

Policy Details

Rule Reference ID: AC_AZURE_0229

CSP: Azure

Remediation Available: Yes

Domain: Resilience

Resource: azurerm_app_service_environment

Resource Category: Serverless

Resource Type: App Service

Frameworks

GDPR
NIST-800-53
HIPAA

Detections

Analytics