Ensure Azure Client Certificates are enforced for API management

Error: Azure Client Certificates are not enforced for API management

Bridgecrew Policy ID: BC_AZR_GENERAL_83
Checkov Check ID: CKV_AZURE_152
Severity: LOW

Azure Client Certificates are not enforced for API management

Description

By enforcing client certificates for API management, you can ensure that only clients that have a valid certificate are able to access your APIs. This can help prevent unauthorized access to your APIs, and can also help protect against potential security threats such as data breaches or denial of service attacks.

Fix - Runtime

Fix - Buildtime

Terraform

  • Resource: azurerm_app_service
  • Argument: client_cert_enabled
resource "azurerm_app_service" "pass" {
  name                = "example-app-service"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  app_service_plan_id = azurerm_app_service_plan.example.id
  client_cert_enabled = true
  }