Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Built-in rule] Add SystemAssigned, UserAssigned as an allowed identity on TA-000007, TA-000013, TA-000019 #370

Merged
merged 5 commits into from
Sep 9, 2024
Merged

[Built-in rule] Add SystemAssigned, UserAssigned as an allowed identity on TA-000007, TA-000013, TA-000019 #370

merged 5 commits into from
Sep 9, 2024

Conversation

richardsondev
Copy link
Member

@richardsondev richardsondev commented Aug 13, 2024
edited
Loading

Description

Add SystemAssigned, UserAssigned as an accepted identity on rules TA-000007, TA-000013, TA-000019. This is a valid operation on Azure Functions and currently our bicep templates are being flagged by this so we need to ignore this rule.

Issue #372

Expected behavior

TA-000013 should not detect Azure Functions as missing an identity when both SystemAssigned and UserAssigned are defined:

  identity: {
    type: 'SystemAssigned, UserAssigned'
    userAssignedIdentities: {
      '${managedIdentity.id}': {}
    }
  }

This checklist is used to make sure that common guidelines for a pull request are followed.

General Guidelines

  • Title of the pull request is clear and informative.
  • Description of the pull request is clear and informative.
  • I have added myself to the 'assignees'. (no permissions)
  • I have added 'linked issues' if relevant.

Testing Guidelines

  • Pull request includes test coverage for the included changes.

@richardsondev richardsondev marked this pull request as ready for review August 28, 2024 05:43
@richardsondev richardsondev requested a review from a team as a code owner August 28, 2024 05:43
reynoldsa
reynoldsa approved these changes Sep 3, 2024
View reviewed changes
Copy link
Contributor

@reynoldsa reynoldsa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good

JohnathonMohr
JohnathonMohr requested changes Sep 5, 2024
View reviewed changes
Copy link
Contributor

@JohnathonMohr JohnathonMohr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for your contribution! Just a couple comments.

src/Analyzer.Core/Rules/BuiltInRules.json Outdated Show resolved Hide resolved
src/Analyzer.Core/Rules/BuiltInRules.json Outdated Show resolved Hide resolved
@richardsondev richardsondev changed the title [Built-in rule] Add SystemAssigned, UserAssigned as an allowed identity on TA-000013 [Built-in rule] Add SystemAssigned, UserAssigned as an allowed identity on TA-000007, TA-000013, TA-000019 Sep 5, 2024
@richardsondev richardsondev requested a review from VeraBE September 5, 2024 23:49
@reynoldsa reynoldsa merged commit 01cffdb into Azure:main Sep 9, 2024
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JohnathonMohr JohnathonMohr JohnathonMohr approved these changes

@reynoldsa reynoldsa reynoldsa approved these changes

@VeraBE VeraBE Awaiting requested review from VeraBE

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@richardsondev @reynoldsa @VeraBE @JohnathonMohr