AzTS

1.0.3

module/ConfigurationProvider/ControlConfigurations/Services/ActionGroups.json

                                {

  "FeatureName": "ActionGroups",

  "Reference": "",

  "IsMaintenanceMode": false,

  "Controls": [

    {

      "ControlID": "Azure_ActionGroups_DP_Avoid_Plaintext_Secrets_Trial",

      "Description": "[Trial] ActionGroups must not have secrets/credentials present in plain text",

      "Id": "ActionGroups10",

      "ControlSeverity": "High",

      "Automated": "Yes",

      "MethodName": "AvoidPlaintextSecretsAsync",

      "DisplayName": "[Trial] ActionGroups must not have secrets/credentials present in plain text",

      "Category": "Credentials Access",

      "ControlRequirements": "Eliminating plain text credentials",

      "Rationale": "Keeping secrets/credentials such as DB connection strings, passwords, keys, etc. in plain text can lead to exposure at various avenues during an application's lifecycle. Storing them in a key vault ensures that they are protected at rest.",

      "Recommendation": "Find detected secrets/credentials using the API information available in Source, rotate those credentials and remove them. Use KeyVault to store secrets/credentials.",

      "Tags": [

        "Automated",

        "DP",

        "Baseline",

        "ActionGroups"

      ],

      "Enabled": true,

      "CustomTags": [

        "Daily",

        "Trial",

        "Secrets"

      ]

    }

  ]

}