Skip to content

[Built-in rule] Add SystemAssigned, UserAssigned as an allowed identity on TA-000007, TA-000013, TA-000019#370

Merged
reynoldskr merged 5 commits intoAzure:mainfrom
richardsondev:jorichar/SystemAssignedUserAssignedRule
Sep 9, 2024
Merged

[Built-in rule] Add SystemAssigned, UserAssigned as an allowed identity on TA-000007, TA-000013, TA-000019#370
reynoldskr merged 5 commits intoAzure:mainfrom
richardsondev:jorichar/SystemAssignedUserAssignedRule

Conversation

@richardsondev
Copy link
Copy Markdown
Member

@richardsondev richardsondev commented Aug 13, 2024
edited
Loading

Description

Add SystemAssigned, UserAssigned as an accepted identity on rules TA-000007, TA-000013, TA-000019. This is a valid operation on Azure Functions and currently our bicep templates are being flagged by this so we need to ignore this rule.

Issue #372

Expected behavior

TA-000013 should not detect Azure Functions as missing an identity when both SystemAssigned and UserAssigned are defined:

  identity: {
    type: 'SystemAssigned, UserAssigned'
    userAssignedIdentities: {
      '${managedIdentity.id}': {}
    }
  }

This checklist is used to make sure that common guidelines for a pull request are followed.

General Guidelines

  • Title of the pull request is clear and informative.
  • Description of the pull request is clear and informative.
  • I have added myself to the 'assignees'. (no permissions)
  • I have added 'linked issues' if relevant.

Testing Guidelines

  • Pull request includes test coverage for the included changes.

VeraBE
VeraBE reviewed Aug 15, 2024
View reviewed changes
@richardsondev richardsondev marked this pull request as ready for review August 28, 2024 05:43
@richardsondev richardsondev requested a review from a team as a code owner August 28, 2024 05:43
reynoldskr
reynoldskr approved these changes Sep 3, 2024
View reviewed changes
Copy link
Copy Markdown

@reynoldskr reynoldskr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good

JohnathonMohr
JohnathonMohr requested changes Sep 5, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@JohnathonMohr JohnathonMohr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for your contribution! Just a couple comments.

richardsondev
richardsondev commented Sep 5, 2024
View reviewed changes
@richardsondev richardsondev changed the title [Built-in rule] Add SystemAssigned, UserAssigned as an allowed identity on TA-000013 [Built-in rule] Add SystemAssigned, UserAssigned as an allowed identity on TA-000007, TA-000013, TA-000019 Sep 5, 2024
@richardsondev richardsondev requested a review from VeraBE September 5, 2024 23:49
@reynoldskr reynoldskr merged commit 01cffdb into Azure:main Sep 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JohnathonMohr JohnathonMohr JohnathonMohr approved these changes

@VeraBE VeraBE Awaiting requested review from VeraBE

+1 more reviewer

@reynoldskr reynoldskr reynoldskr approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@richardsondev @reynoldskr @VeraBE @JohnathonMohr