Ensure remote debugging is not enabled for app services

Error: Remote debugging is enabled for app services

Bridgecrew Policy ID: BC_AZR_GENERAL_55
Checkov Check ID: CKV_AZURE_72
Severity: LOW

Remote debugging is enabled for app services

Description

Remote debugging allows you to remotely connect to a running app and debug it from a different location. While this can be useful for developers who need to troubleshoot issues with their app, it also introduces a potential security risk because it allows someone to remotely access your app and potentially modify its code or behavior.

If remote debugging is enabled for your app services, it could potentially be exploited by an attacker to gain unauthorized access to your app and potentially compromise it. This could result in data loss, financial damage, or other negative consequences.

Fix - Buildtime

Terraform

  • Resource: azurerm_app_service
  • Argument: remote_debugging_enabled
resource "azurerm_app_service" "example" {
                   ...
+                  remote_debugging_enabled = false
            }