Ensure app service enables HTTP logging
Error: App service does not enable HTTP logging
Bridgecrew Policy ID: BC_AZR_LOGGING_8
Checkov Check ID: CKV_AZURE_63
Severity: LOW
App service does not enable HTTP logging
Description
By enabling HTTP logging for your app service, you can collect this information and use it to monitor and troubleshoot your app, as well as identify any potential security issues or threats. This can help to ensure that your app is running smoothly and is secure from potential attacks.
Fix - Buildtime
Terraform
- Resource: azurerm_app_service
- Argument: logs.http_logs
resource "azurerm_app_service" "example" {
name = "example-app-service"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
app_service_plan_id = azurerm_app_service_plan.example.id
+ logs {
+ http_logs {
retention_in_days = 4
retention_in_mb = 10
}
}
app_settings = {
"SOME_KEY" = "some-value"
}
connection_string {
name = "Database"
type = "SQLServer"
value = "Server=some-server.mydomain.com;Integrated Security=SSPI"
}
}
Updated 3 months ago