turbot/azure_compliance

Control: CORS should not allow every resource to access your Function Apps

Description

Cross-Origin Resource Sharing (CORS) should not allow all domains to access your Function app. Allow only required domains to interact with your Function app.

Usage

steampipe check azure_compliance.control.appservice_function_app_cors_no_star

SQL

This control uses a named query:

appservice_function_app_cors_no_star

Tags