Framework/Configurations/SVT/AzSDKCfg/AzSDKCfg.json
|
{
"FeatureName": "AzSDKCfg", "Reference": "aka.ms/azsdktcp", "IsManintenanceMode": false, "Controls": [ { "ControlID": "Azure_AzSDKCfg_Check_Presence_of_CA", "Description": "Continuous Assurance automation account must be present in the subscription", "Id": "AzSDKCfg110", "ControlSeverity": "High", "Automated": "Yes", "MethodName": "CheckifCAPresent", "Recommendation": "To install Continuous Assurance automation account, run command: Install-AzSDKContinuousAssurance.For more details, please refer https://github.com/azsdk/azsdk-docs/blob/master/04-Continous-Assurance/Readme.md#setting-up-continuous-assurance---step-by-step", "Tags": [ "SDL", "TCP", "Automated" ], "Enabled": true, "Rationale": "Presence of CA ensures that regular scan is happening for your cloud subscription and resources." }, { "ControlID": "Azure_AzSDKCfg_Check_Health_of_CA", "Description": "Continuous Assurance automation account must be in a healthy state", "Id": "AzSDKCfg120", "ControlSeverity": "High", "Automated": "Yes", "MethodName": "CheckHealthofCA", "Recommendation": "Run command: 'Get-AzSDKContinuousAssurance -SubscriptionId <subId>'.Follow the recommendation given to bring CA in healthy state", "Tags": [ "SDL", "TCP", "Automated", "GraphRead" ], "Enabled": true, "Rationale": "Presence of CA ensures that regular scan is happening for your cloud subscription and resources." }, { "ControlID": "Azure_AzSDKCfg_Check_Presence_of_Latest_AzSDK_Module", "Description": "AzSDK scans must use latest version of the AzSDK Module", "Id": "AzSDKCfg130", "ControlSeverity": "High", "Automated": "Yes", "MethodName": "CheckifLatestModulePresent", "Recommendation": "Re-run install command to get latest AzSDK module", "Tags": [ "SDL", "TCP", "Automated" ], "Enabled": true, "Rationale": "With each release new security updates are being added. Using the latest AzSDK module ensures that your cloud subscription and resources are scanned with the latest controls." } ] } |