turbot/azure_compliance

Control: CORS should not allow every resource to access your Web Applications

Description

Cross-Origin Resource Sharing (CORS) should not allow all domains to access your web application. Allow only required domains to interact with your web app.

Usage

steampipe check azure_compliance.control.appservice_web_app_cors_no_star

SQL

This control uses a named query:

appservice_web_app_cors_no_star

Tags