Skip to content

Commit

Permalink
Modify rule S6378: Add language AzureResourceManager (Bicep) (#2255)
Browse files Browse the repository at this point in the history
  • Loading branch information
egon-okerman-sonarsource authored Sep 13, 2023
1 parent ebc3f49 commit bc2c537
Showing 1 changed file with 24 additions and 0 deletions.
24 changes: 24 additions & 0 deletions rules/S6378/azureresourcemanager/rule.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ include::../recommended.adoc[]

== Sensitive Code Example

Using ARM templates:

[source,json,diff-id=1,diff-type=noncompliant]
----
{
Expand All @@ -21,9 +23,20 @@ include::../recommended.adoc[]
}
----

Using Bicep:

[source,bicep,diff-id=2,diff-type=noncompliant]
----
resource sensitiveApiManagementService 'Microsoft.ApiManagement/service@2022-09-01-preview' = {
name: 'apiManagementService'
// Sensitive: no Managed Identity is defined
}
----

== Compliant Solution

Using ARM templates:

[source,json,diff-id=1,diff-type=compliant]
----
{
Expand All @@ -42,6 +55,17 @@ include::../recommended.adoc[]
}
----

Using Bicep:

[source,json,diff-id=2,diff-type=noncompliant]
----
resource sensitiveApiManagementService 'Microsoft.ApiManagement/service@2022-09-01-preview' = {
name: 'apiManagementService'
identity: {
type: 'SystemAssigned'
}
}
----

include::../see.adoc[]

Expand Down

0 comments on commit bc2c537

Please sign in to comment.