Detections
Analytics
Ensure integration service environment are used for deployment of Azure Logic App Workflow
LOW
Description
Azure Logic App Workflow uses integration service environment. Using integration service environment in a virtual network unlocks advanced Logic Apps networking and security features and provides you with greater control over your network configuration.
Remediation
Integration service accounts are being discontinued through Azure so they can no longer be provisioned for Logic Apps.
In Terraform -
- In the azurerm_logic_app_workflow resource, set integration_service_environment_id to the appropriate ID (this will create a new resource).
References:
https://learn.microsoft.com/en-us/azure/logic-apps/
https://learn.microsoft.com/en-us/azure/logic-apps/connect-virtual-network-vnet-isolated-environment
https://registry.terraform.io/providers/hashicorp/azurerm/3.40.0/docs/resources/logic_app_workflow#integration_service_environment_id
Policy Details
Rule Reference ID: AC_AZURE_0250
CSP: Azure
Remediation Available: Yes
Domain: Security Best Practices
Resource: azurerm_logic_app_workflow
Resource Category: Logging and Monitoring
Resource Type: Logic App Workflow