Ensure Azure App service slot has debugging disabled

Error: Azure App service slot does not have debugging disabled

Bridgecrew Policy ID: BC_AZR_NETWORKING_58
Checkov Check ID: CKV_AZURE_155
Severity: LOW

Azure App service slot does not have debugging disabled


Disabling debugging for your Azure App Service slot can help improve the security of your app. Debugging allows you to troubleshoot issues with your app by providing access to detailed information about how the app is functioning. However, it can also make it easier for attackers to gain access to sensitive information about your app, such as its code and configuration.

Fix - Runtime

Fix - Buildtime


  • Resource: azurerm_app_service_slot
  • Argument: remote_debugging_enabled (default is false)
resource "azurerm_app_service_slot" "pass2" {
  name                = "ted"
  app_service_name    = azurerm_app_service.example.name
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  app_service_plan_id = azurerm_app_service_plan.example.id

  https_only = false #thedefault

  site_config {
    dotnet_framework_version = "v4.0"
    min_tls_version          = "1.2" #the default is 1.2
    remote_debugging_enabled = false  #default is false

  app_settings = {
    "SOME_KEY" = "some-value"

  connection_string {
    name  = "Database"
    type  = "SQLServer"
    value = "Server=some-server.mydomain.com;Integrated Security=SSPI"