Ensure that logging for detailed error messages is enabled for Azure App Service

LOW

Description

The Azure App Service does not have detailed error messages enabled, which may make auditing challenging.

Remediation

In Azure Console -

  1. Open the Azure Portal and go to App Services.
  2. Select the App Service you wish to edit (the setting only applies to Windows App Services).
  3. Select App Service Logs under Monitoring.
  4. Set Detailed Error Messages to On.
  5. Save.

In Terraform -

  1. In the azurerm_app_service resource, set detailed_error_messages_enabled to true.
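
The Terraform step above as a configuration, showing that the attribute sits inside the resource's `logs` block. This is an added example, not part of the original policy text; the resource names, location and SKU values are constructed placeholders.

```hcl
# Constructed example: names, location and SKU are placeholders.
resource "azurerm_resource_group" "example" {
  name     = "example-rg"
  location = "West Europe"
}

resource "azurerm_app_service_plan" "example" {
  name                = "example-plan"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  # No "kind" set: the plan is a Windows plan, the platform this
  # setting applies to.
  sku {
    tier = "Standard"
    size = "S1"
  }
}

resource "azurerm_app_service" "example" {
  name                = "example-app-service"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  app_service_plan_id = azurerm_app_service_plan.example.id

  # Non-compliant forms: no logs block at all, or
  #   logs { detailed_error_messages_enabled = false }
  # Either leaves detailed error messages off.

  # Compliant form:
  logs {
    detailed_error_messages_enabled = true
  }
}
```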

References:
https://learn.microsoft.com/en-us/azure/app-service/troubleshoot-diagnostic-logs
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#detailed_error_messages_enabled

Policy Details

Rule Reference ID: AC_AZURE_0295
CSP: Azure
Remediation Available: Yes
Resource Category: Serverless
Resource Type: App Service

Frameworks