Stack Overflow
Stack Overflow

Questions tagged [azure-security]

Use this tag for Azure Security questions

216 questions
1
vote
0 answers

Implication and Precautions for Azure AD Migration from On Prem AD

One of my customers would like to know what are all the implications and what all precautions one needs to take before migrating all their identities to Azure and use Azure AD as the main AD. Any kind of documentation on this would be really…
Pallab
  • 1,915
  • 2
  • 19
  • 46
1
vote
1 answer

Azure Security Center: Handle multiple databases with identical baseline

We are using Azure to host many (100+) SQL Azure databases with an identical setup. Azure Security Center performs a weekly vulnerability scan. At present, we need to set up the baseline for each individual database. For instance, every time we add…
Bram Fokke
  • 21
  • 4
1
vote
1 answer

Unable to remove azure group from repository

I'm having issues removing a group from repository permission list group. I can explain my case with the next sample: 1. I created two groups: Team A and Team B: 2. A new repo was created, then i added one of the groups to the Repos root, and i…
Francisco Tovar Bastidas
  • 21
  • 1
1
vote
1 answer

Why does Azure issue a security threat if my query fails from the vscode mssql ext?

If I execute a query from vscode that fails, why should Azure issue a security threat for this? How should I prevent this from happening (other than never submitting a query that fails, lol)? Is this a permissions issue? Can I have the admin…
meowmeow
  • 238
  • 1
  • 6
1
vote
2 answers

Azure Advisory: Web ports should be restricted on NSG associated to your VM

What can I do to fix this Advisory message? The VM this relates to is a webserver, which sits behind an Azure LoadBalancer. The NSG rule that is causing this (only 1 'not default rule' ) is: Type: Allow Source: Service Tag - Internet, source port…
Paul0515
  • 23,515
  • 9
  • 32
  • 47
1
vote
1 answer

Allow only authorized endpoints to send events to event grid

I am working on a project which uses Azure Event Grid where a web application sends a custom event to event grid and a web-hook within a separate application is used to subscribe to these events. It looks like it is secure on the web-hook side since…
anonuser1
  • 347
  • 1
  • 7
  • 17
1
vote
1 answer

How can I use Microsoft.Security/complianceResults in Azure Policy?

I have noticed that some built-in Azure policies use "Microsoft.Security/complianceResults" for auditing. For example, the "The NSGs rules for web applications on IaaS should be hardened" is using "unprotectedWebApplication" from…
Martin
  • 33
  • 4
1
vote
1 answer

Import database bacpac firewall issue

We have a sql server firewall setup with no IP access and "Allow Azure Services" flag also set to off. I understand this means no azure services and no external clients will be able to access the sql server and database. however, when i try Import…
Mandar Jogalekar
  • 3,199
  • 7
  • 44
  • 85
1
vote
1 answer

How to prevent creation of additional Azure Active Directory tenants/directories?

How can I prevent users from creating additional Azure Active Directory tenants/directories? It is now possible as described here https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-access-create-new-tenant. We…
Martin
  • 33
  • 4
1
vote
1 answer

Deny Azure Disk Encryption decryption/disablement using Azure policy

I am trying to create a Deny policy to deny disk decryption (encrypted via Azure Disk Encryption), but the Deny isn't taking effect. I do see the disks not in compliance though. Here's the policy below: { "properties": { "displayName":…
VMTX
  • 11
  • 1
1
vote
2 answers

Azure Service Bus Topics Security

When using Azure Service Bus Topics, how would one ensure that messages sent, containing sensitive data, are secured? Imagine a microservices scenario where small independent modular services live in Azure and talk to one another via the bus. To…
emerald
  • 17
  • 7
1
vote
2 answers

Azure security center enabling auto provision with ARM template does not work

I am trying to enable the auto provision for Azure security center with ARM template. My template has this as resource: { "type": "Microsoft.Security/autoProvisioningSettings", "name": "default", "apiVersion":…
Kamsiinov
  • 1,315
  • 2
  • 20
  • 50
1
vote
1 answer

Azure Policy not denying Custom Role creation

I am currently helping investigate adopting Azure for my organization's public cloud. One of the tasks I have been assigned is locking down accounts to prevent users from being able to elevate their permissions within a subscription. One of the…
hpoe
  • 642
  • 5
  • 10
1
vote
0 answers

Managing Azure Devops (VSTS) PATs across a team

We have some external services that access VSTS using PAT authentication. Currently it seems that only individual users can create a PAT and deploy it to the service. Other users across the team do not have access to the PAT in any way, but it is…
Frederic Mokren
  • 21
  • 4
1
vote
0 answers

Grant Resource Group owner to Personal and Business Account

How do I grant my personal and business accounts, that have the same email addresses, resource owner of a resource group? In my personal account, I created a resource group. I went to Resource Gruops -> Access Control (IAM) -> Add User and added my…
spottedmahn
  • 14,823
  • 13
  • 108
  • 178
1 2 3
14 15