Skip to content
avm.ptn.azd.ml-ai-environment

feat: Update avm/res/api-management/service - WAF Security recommen… #1

Sign in to view logs

feat: Update avm/res/api-management/service - WAF Security recommen…

feat: Update avm/res/api-management/service - WAF Security recommen… #1

Triggered via push February 21, 2025 08:51
@cmezachcmezach
pushed ac7a2d6
main
Status Cancelled
Total duration 9m 34s
Artifacts

avm.ptn.azd.ml-ai-environment.yml

on: push
Initialize pipeline
23s
Initialize pipeline
Run  /  Static validation
1m 5s
Run / Static validation
Matrix: Run / job_psrule_test_waf_reliability
Matrix: Run / job_psrule_test_waf_security_cb
Matrix: Run / job_psrule_test
Matrix: Run / job_psrule_test_waf_security
Matrix: Run / job_module_deploy_validation
Run  /  Publishing
0s
Run / Publishing
Fit to window
Zoom out
Zoom in

Annotations

14 errors and 1 warning
Run / PSRule [defaults]
AZR-000202: ***maeminsa001 failed Azure.Storage.Firewall. Storage Accounts should only accept explicitly allowed traffic.
Run / PSRule [defaults]
AZR-000198: ***maeminsa001 failed Azure.Storage.BlobPublicAccess. Storage Accounts should only accept authorized requests.
Run / PSRule [defaults]
AZR-000408: bbc22840527b6-cognitive failed Azure.Deployment.SecureParameter. Sensitive parameters that have been not been marked as secure may leak the secret into deployment history or logs.
Run / PSRule [defaults]
AZR-000408: 8b9c5edc7ba67-cognitive failed Azure.Deployment.SecureParameter. Sensitive parameters that have been not been marked as secure may leak the secret into deployment history or logs.
Run / PSRule [defaults]
AZR-000282: ***maemincs001 failed Azure.AI.DisableLocalAuth. Access keys allow depersonalized access to Azure AI using a shared secret.
Run / PSRule [defaults]
AZR-000406: ***maeminhub001 failed Azure.ML.PublicAccess. Disable public network access from a Azure Machine Learning workspace.
Run / PSRule [defaults]
AZR-000407: ***maeminhub001 failed Azure.ML.UserManagedIdentity. ML workspaces should use user-assigned managed identity, rather than the default system-assigned managed identity.
Run / PSRule [defaults]
AZR-000406: ***maeminpro001 failed Azure.ML.PublicAccess. Disable public network access from a Azure Machine Learning workspace.
Run / PSRule [defaults]
AZR-000407: ***maeminpro001 failed Azure.ML.UserManagedIdentity. ML workspaces should use user-assigned managed identity, rather than the default system-assigned managed identity.
Run / PSRule [defaults]
One or more assertions failed. One or more rules reported failure.
Run / Static validation
[-] [azd/ml-ai-environment] All required parameters & UDTs in template file should have description that start with "(Required|Conditional).". 39ms (37ms|1ms)
Run / Static validation
Process completed with exit code 1.
Run / PSRule - WAF Security [defaults]
The run was canceled by @cmezach.
Run / PSRule - WAF Security - AVM Custom Baseline [defaults]
The run was canceled by @cmezach.
Run / PSRule [defaults]
AZR-000388: ***maeminkv01 failed Azure.KeyVault.RBAC. Key Vaults should use Azure RBAC as the authorization system for the data plane.