Ensure that registration with Azure Active Directory (AAD) is enabled for Microsoft Azure App Service web applications so that your applications can connect to other Azure cloud services securely without needing access credentials such as user names and passwords.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for Azure.
App Service is a highly scalable and self-patching web hosting service provided by Microsoft Azure. The service also provides a managed identity for your web applications, which is a turn-key solution for securing access to other Azure cloud services. A system-assigned managed identity, registered in Azure Active Directory (AAD), enables App Service web applications to authenticate to cloud services such as Azure Key Vault and Azure Storage without storing credentials within the application code.
To determine if registration with Azure Active Directory is enabled for your App Service web applications, perform the following actions:
Remediation / Resolution
To enable registration with Microsoft Azure Active Directory (AAD) so that your web applications can securely access other Azure cloud services without using credentials stored in the application code, perform the following actions:
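One way to script both the check and the fix, as an added example that is not Cloud Conformity's own procedure: it reads JSON assumed to follow the shape of `az webapp list --output json`, flags every app without a system-assigned identity, and builds the matching `az webapp identity assign` command. The sample data and app names are constructed, and treating a user-assigned-only app as failing is an assumption of this example.

```python
import json
import shlex

# Constructed sample, assumed to follow `az webapp list --output json`
# (trimmed to the fields used here); names, groups and IDs are made up.
SAMPLE_WEBAPP_LIST = json.dumps([
    {"name": "shop-frontend", "resourceGroup": "rg-prod",
     "identity": {"type": "SystemAssigned",
                  "principalId": "00000000-0000-0000-0000-000000000001"}},
    {"name": "legacy-api", "resourceGroup": "rg-prod", "identity": None},
    {"name": "batch-worker", "resourceGroup": "rg-jobs",
     "identity": {"type": "UserAssigned", "principalId": None}},
    {"name": "reports", "resourceGroup": "rg-bi",
     "identity": {"type": "SystemAssigned, UserAssigned",
                  "principalId": "00000000-0000-0000-0000-000000000002"}},
    {"name": "old-portal", "resourceGroup": "rg-bi",
     "identity": {"type": "None"}},
])


def has_system_identity(app):
    """True when the app has a system-assigned identity with an AAD principal."""
    identity = app.get("identity") or {}
    # "type" can list several kinds, e.g. "SystemAssigned, UserAssigned".
    kinds = {k.strip().lower() for k in (identity.get("type") or "").split(",")}
    # Assumption of this example: a user-assigned identity alone does not pass.
    return "systemassigned" in kinds and bool(identity.get("principalId"))


def audit(webapp_list_json):
    """Return (name, resource_group) for every app that fails the check."""
    apps = json.loads(webapp_list_json)
    return [(a["name"], a["resourceGroup"]) for a in apps
            if not has_system_identity(a)]


def remediation_commands(findings):
    """Azure CLI command enabling the system-assigned identity, per finding."""
    return [f"az webapp identity assign --name {shlex.quote(name)} "
            f"--resource-group {shlex.quote(rg)}" for name, rg in findings]


if __name__ == "__main__":
    for cmd in remediation_commands(audit(SAMPLE_WEBAPP_LIST)):
        print(cmd)
```

Against a real subscription, replace the sample with the captured output of `az webapp list --output json` and review the generated commands before running them.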
You are auditing:
Enable Registration with Azure Active Directory
Risk level: Medium