Plugin Title Identity Enabled
Category App Service
Description Ensures a system or user assigned managed identity is enabled to authenticate to App Services without storing credentials in the code.
More Info Maintaining cloud connection credentials in code is a security risk. Credentials should never appear on developer workstations and should not be checked into source control. Managed identities for Azure resources provides Azure services with a managed identity in Azure AD which can be used to authenticate to any service that supports Azure AD authentication, without having to include any credentials in code.
AWS Link
Recommended Action Enable system or user-assigned identities for all App Services and avoid storing credentials in code.

Detailed Remediation Steps

Want to scan for this risk automatically?

Get Started Now