Ensure Azure built-in logging for Azure function app is enabled
Error: Azure Built-in logging for Azure function app is disabled
Bridgecrew Policy ID: BC_AZR_GENERAL_90
Checkov Check ID: CKV_AZURE_159
Severity: LOW
Azure Built-in logging for Azure function app is disabled
Description
It is recommended to have a proper logging process for Azure function app in order to track configuration changes conducted manually and programmatically and trace back unapproved changes.
Runtime - Buildtime
Fix - Buildtime
Terraform
- Resource: azurerm_function_app_slot
- Argument: enable_builtin_logging
resource "azurerm_function_app_slot" "pass2" {
name = "test-azure-functions-slot"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
app_service_plan_id = azurerm_app_service_plan.example.id
function_app_name = azurerm_function_app.example.name
storage_account_name = azurerm_storage_account.example.name
storage_account_access_key = azurerm_storage_account.example.primary_access_key
enable_builtin_logging = true
site_config {
http2_enabled = false
}
auth_settings {
enabled = false
}
}
Updated 6 months ago