AzTS

1.0.1

module/ConfigurationProvider/ControlConfigurations/Services/DataFactory.json

                                {

    "FeatureName": "DataFactory",

    "Reference": "aka.ms/azsktcp/datafactory",

    "IsMaintenanceMode": false,

    "Controls": [

        {

            "ControlID": "Azure_DataFactory_DP_Avoid_Plaintext_Secrets_Trial",

            "Description": "Data Factory must not have secrets/credentials present in plain text",

            "Id": "DataFactory10",

            "ControlSeverity": "High",

            "Automated": "Yes",

            "MethodName": "DataFactoryAvoidPlaintextSecrets",

            "DisplayName": "Data Factory must not have secrets/credentials present in plain text",

            "Category": "Credentials Access",

            "ControlRequirements": "Eliminating plain text credentials",

            "Rationale": "Keeping secrets/credentials such as DB connection strings, passwords, keys, etc. in plain text can lead to exposure at various avenues during an application's lifecycle. Storing them in a key vault ensures that they are protected at rest.",

            "Recommendation": "Find detected secrets/credentials using the API information available in Source, rotate those credentials and remove them. Use KeyVault to store secrets/credentials.",

            "Tags": [

              "SDL",

              "TCP",

              "Automated",

              "DP",

              "Baseline",

              "Daily",

              "Trial"

            ],

            "Enabled": true

        }

    ]

}