v1.21.0
What's changed since v1.20.2:
- New features:
- Mapping of Azure Security Benchmark v3 to security rules by @jagoodwin.
#1610
- Mapping of Azure Security Benchmark v3 to security rules by @jagoodwin.
- New rules:
- Deployment:
- Check sensitive resource values use secure parameters by @VeraBE @BernieWhite.
#1773
- Check sensitive resource values use secure parameters by @VeraBE @BernieWhite.
- Service Bus:
- Check service bus namespaces uses TLS 1.2 version by @bengeset96.
#1777
- Check service bus namespaces uses TLS 1.2 version by @bengeset96.
- Virtual Machine:
- Check virtual machines uses Azure Monitor Agent instead of old legacy Log Analytics Agent by @bengeset96.
#1792
- Check virtual machines uses Azure Monitor Agent instead of old legacy Log Analytics Agent by @bengeset96.
- Virtual Machine Scale Sets:
- Check virtual machine scale sets uses Azure Monitor Agent instead of old legacy Log Analytics Agent by @bengeset96.
#1792
- Check virtual machine scale sets uses Azure Monitor Agent instead of old legacy Log Analytics Agent by @bengeset96.
- Virtual Network:
- Check VNETs with a GatewaySubnet also has a AzureBastionSubnet by @bengeset96.
#1761
- Check VNETs with a GatewaySubnet also has a AzureBastionSubnet by @bengeset96.
- Deployment:
- General improvements:
- Added built-in list of ignored policy definitions by @BernieWhite.
#1730- To ignore additional policy definitions, use the
AZURE_POLICY_IGNORE_LISTconfiguration option.
- To ignore additional policy definitions, use the
- Added built-in list of ignored policy definitions by @BernieWhite.
- Engineering:
What's changed since pre-release v1.21.0-B0050:
- No additional changes.
See change log.
Contributors
VeraBE, BernieWhite, and 2 other contributors