Best practice rules for Azure Functions
Trend Micro Cloud One™ – Conformity monitors Azure Functions with the following rules:
- Azure Function Access Keys
Ensure that your Microsoft Azure functions are using access keys.
- Azure Function Runtime Version
Ensure that your Azure functions are using the latest runtime version of the function host.
- Azure Functions with Admin Privileges
Ensure that your Azure functions are not configured with admin privileges.
- Enable Integration with Application Insights
Ensure that your Microsoft Azure functions are using Application Insights.
- Enable Virtual Network Integration for Azure Functions
Ensure that Virtual Network integration is enabled for your Azure Function Apps.
- Exposed Azure Functions
Ensure that your Microsoft Azure functions are not publicly accessible.
- Use System-Assigned Managed Identities for Azure Functions
Ensure that Azure functions are using system-assigned managed identities.
- Use User-Assigned Managed Identities for Azure Functions
Ensure that Azure functions are using user-assigned managed identities.