Detections
Analytics

Ensure that Azure Files are used for Azure App Service

MEDIUM

Description

Azure App services do not use Azure Files, this may lead to data loss due to low resilience.

Remediation

In Azure Console -

  1. Open the Azure Portal and go to App Services.
  2. Select the App service you wish to edit.
  3. Select Configuration under Settings.
  4. Select the Path mappings tab.
  5. Create a new storage mount and set it to use Azure Files. Configure as needed.

In Terraform -

  1. In the azurerm_app_service resource, create a storage_account block.
  2. Set storage_account.type to AzureFiles.

References:
https://learn.microsoft.com/en-us/azure/app-service/configure-connect-to-azure-storage?tabs=portal&pivots=container-linux
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#storage_account

Policy Details

Rule Reference ID: AC_AZURE_0297
CSP: Azure
Remediation Available: Yes
Domain: Resilience
Resource: azurerm_app_service
Resource Category: Serverless
Resource Type: App Service

Frameworks