Stack Overflow
Stack Overflow

Questions tagged [azure-security]

Use this tag for Azure Security questions

216 questions
1
vote
1 answer

What are "variants" in Azure permissions

In the examples on this https://learn.microsoft.com/en-us/powershell/microsoftgraph/find-mg-graph-command?view=graph-powershell-1.0, I see something called "variants", but I haven't found any explanation of "variants" when I search. Specifically,…
NealWalters
  • 17,197
  • 42
  • 141
  • 251
1
vote
1 answer

Not able to create key vault being a Global Admin

I am trying to create Azure Key vault via Portal. While I'm selecting create a keyvault option in Azure Portal, I am getting error like below on Basics tab: enter image description here I am the Global Admin of my account. It's saying the resource…
user156092
  • 15
  • 4
1
vote
3 answers

How to restrict deletion of security group in Azure?

Is there any Azure policy can be in place which will restict users so that they Can NOT delete any of the Security groups in Azure? even if they can PIM up below roles: User Admin Privileged auth admin Application admin Conditional access…
AskMe
  • 2,495
  • 8
  • 49
  • 102
1
vote
2 answers

Unable to access key and secrets in Azure Key Vault

I am the owner of an Azure Key Vault that I created. I created a key and a secret a day before. But today when I tried to create another key and secret, the Generate/Import button on top in the right pane is disabled and below it a following message…
nam
  • 21,967
  • 37
  • 158
  • 332
1
vote
1 answer

Azure KeyVault and Authentication on client side

Good day, I have a question about the following scenario: A client opens a web application in the browser. In the web application, secrets are retrieved from an Azure Key Vault using Javascript. Then, with these secrets a connection to another Azure…
sampa
  • 535
  • 4
  • 27
1
vote
1 answer

How to expose Azure APIM API through API App?

We have Azure APIM exposing API for angular application. But it seems that there is no way to secure the subscription key for public APIs. So what is the best way to expose the API for angular application? Is there quick way to expose the API with…
Rajesh
  • 301
  • 3
  • 8
1
vote
2 answers

Enable Azure Defender for all resource types using Azure Policies

For security reasons I do have to enable Azure Defender in the ASC for all resource types. Since we do have a lot of different subscriptions within Azure and the number is increasing we do have to configure an Azure Policy to enforce that. There…
MOE
  • 769
  • 6
  • 19
1
vote
0 answers

Question about automating Azure security center Auto provisioning - Extensions

Please I am trying to automate azure security center auto provisioning using terraform but the resource azurerm_security_center_auto_provisioning seems inadequate. Setting auto_provision = “On” only turns on Log Analytics agent for Azure VMs but…
Joe
  • 49
  • 2
1
vote
1 answer

Azure Kubernetes Cluster Security

I found some findings related to Azure Kubernetes Cluster in the Azure Security Center Recommendations. Immutable (read-only) root filesystem should be enforced for containers. Services should listen on allowed ports only. Containers should listen…
Mrugesh Shah
  • 31
  • 3
1
vote
1 answer

What is the name of the firewall rule created by 'Allow Azure services and resources to access this server'

I have 'Allow Azure services and resources to access this server' set to ON for my hosted Azure database server. Every night at 11:00pm we run a script to remove all firewall rules which were put in place by developers who access the database during…
Yossi G.
  • 939
  • 1
  • 8
  • 22
1
vote
1 answer

Authorization Token for Azure Security Center to dismiss the alerts

I am trying to dismiss the alerts using API. I am following this link Alert Update . Now I am able to dismiss the alert using this link successfully but I have tried using PostMan and I failed, After looking into the documentation I got to know that…
Anuj
  • 25
  • 6
1
vote
1 answer

Microsoft Azure DDoS protection alert not recevied

I have implemented Azure DDos with standard(paid) and also setup alert. But I get 45,000 attack on my server and did not received any alert related to it. Can anyone tell where I have done any mistake or left configuration related to DDos. Let me…
Ritesh Jhaggar
  • 103
  • 1
  • 7
1
vote
1 answer

calling Azure AD secured own Web API n with specific scope using daemon / console app

I have a custom Web API in dotnet core, I have secured the web api using [Authorize(Policy = "Admin")]. I have registered the web api in Azure AD using App Registration. I have created two application roles "Admin" and "Customer". I have a console…
reach2saurabh
  • 153
  • 1
  • 11
1
vote
2 answers

Issue with Azure function configuration object caching

My Application settings of Azure function app, has keyvault reference like @Microsoft.KeyVault(SecretUri=https://myvalut.vault.azure.net/secrets/mySecret/), whenever new version of "mySecret" introduced in keyvault, Azure function still renders the…
191180rk
  • 735
  • 2
  • 12
  • 37
1
vote
1 answer

Azure Event Hub log sorting streaming using query

How to process Azure Log events from Event hub and filter based on criteria. We are trying to filter specific critical or security related Diagnostic and Activity logs before feeding into our Onprem SIEM solution. Can someone please guide me how to…
Anil Kash
  • 11
  • 1
1 2 3
14 15