Ensure managed identity provider is enabled for app services

Error: Managed identity provider is not enabled for app services

Bridgecrew Policy ID: BC_AZR_GENERAL_54
Checkov Check ID: CKV_AZURE_71
Severity: LOW

Managed identity provider is not enabled for app services

Description

Managed service identity in App Service makes the app more secure by eliminating secrets from the app, such as credentials in the connection strings. When registering with Azure Active Directory in the app service, the app will connect to other Azure services securely without the need of username and passwords.

Fix - Buildtime

In Azure Console

  1. Log in to the Azure portal.
  2. Navigate to App Services.
  3. Click on the reported App.
  4. Under Setting section, Click on 'Identity'.
  5. Ensure that 'Status' is set to 'On'.

Fix - Buildtime

Terraform

  • Resource: azurerm_app_service
  • Argument: identity.type
resource "azurerm_app_service" "example" {
              ...
  +           identity {
  +             type = "SystemAssigned"
                }
              }

Did this page help you?