2019-09-25 01:59:25 +03:00
# Change log
2019-04-30 02:02:02 +03:00
## Unreleased
2019-05-17 14:44:34 +03:00
2021-02-01 02:47:32 +03:00
## v1.0.0-B2101028 (pre-release)
2021-01-31 08:32:52 +03:00
What's changed since pre-release v1.0.0-B2101016:
2021-01-31 13:26:29 +03:00
- New rules:
- All resources:
- Check parameter default value type matches type. [#311 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/311 )
2021-01-31 08:32:52 +03:00
- General improvements:
- Renamed `Export-AzTemplateRuleData` to `Export-AzRuleTemplateData` . [#596 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/596 )
- New name `Export-AzRuleTemplateData` aligns with prefix of other cmdlets.
- Use of `Export-AzTemplateRuleData` is now deprecated and will be removed in the next major version.
- Added alias to allow `Export-AzTemplateRuleData` to continue to be used.
- Using `Export-AzTemplateRuleData` returns a deprecation warning.
2021-01-28 05:53:32 +03:00
## v1.0.0-B2101016 (pre-release)
2021-01-28 04:16:15 +03:00
What's changed since pre-release v1.0.0-B2101006:
2021-01-28 05:27:28 +03:00
- New rules:
- Service Fabric:
- Check Service Fabric clusters use AAD client authentication. [#619 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/619 )
2021-01-28 04:16:15 +03:00
- Bug fixes:
- Fixed reason `Azure.FrontDoor.ProbePath` so the probe name is included. [#617 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/617 )
2021-01-25 08:13:15 +03:00
## v1.0.0-B2101006 (pre-release)
2021-01-23 16:46:12 +03:00
What's changed since v0.19.0:
2021-01-24 09:27:44 +03:00
- New rules:
- All resources:
- Check location parameter defaults to resource group. [#361 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/361 )
2021-01-25 07:40:48 +03:00
- Front Door:
- Check Front Door uses a health probe for each backend pool. [#546 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/546 )
- Check Front Door uses a dedicated health probe path backend pools. [#547 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/547 )
- Check Front Door uses HEAD requests for backend health probes. [#613 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/613 )
2021-01-23 16:46:12 +03:00
- Updated rules:
- Azure Kubernetes Service:
- Updated `Azure.AKS.Version` to 1.19.6. [#603 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/603 )
2021-01-23 21:11:38 +03:00
- General improvements:
- Added support for `environment` template function. [#517 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/517 )
2021-01-25 06:48:08 +03:00
- Engineering:
- Bump PSRule dependency to v1.0.1. [#611 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/611 )
2021-01-23 16:46:12 +03:00
2021-01-01 07:17:37 +03:00
## v0.19.0
What's changed since v0.18.0:
- New features:
- Added `Azure.GA_2020_12` baseline. [#593 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/593 )
- Includes rules released before or during December 2020 for Azure GA features.
- Marked baseline `Azure.GA_2020_09` as obsolete.
- New rules:
- Database for MySQL:
- Check database servers meet name requirements. [#583 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/583 )
- Database for PostgreSQL:
- Check database servers meet name requirements. [#583 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/583 )
- SQL Database:
- Check SQL logical servers meet name requirements. [#583 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/583 )
- Check SQL failover groups meet name requirements. [#583 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/583 )
- Check SQL databases meet name requirements. [#583 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/583 )
- SQL Managed Instance:
- Check SQL Managed Instances meet name requirements. [#583 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/583 )
- Updated rules:
- Azure Kubernetes Service:
- Updated `Azure.AKS.Version` to 1.19.3. [#590 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/590 )
- General improvements:
- Added support for `true` , `false` , and `null` template functions. [#579 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/579 )
- Added support for `createObject` template function. [#580 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/580 )
- Engineering:
- Bump PSRule dependency to v1.0.0. [#588 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/588 )
2020-12-31 15:06:01 +03:00
What's changed since pre-release v0.19.0-B2012008:
- New features:
- Added `Azure.GA_2020_12` baseline. [#593 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/593 )
- Includes rules released before or during December 2020 for Azure GA features.
- Marked baseline `Azure.GA_2020_09` as obsolete.
2020-12-20 11:58:35 +03:00
## v0.19.0-B2012008 (pre-release)
What's changed since pre-release v0.19.0-B2011008:
2020-12-20 10:56:11 +03:00
- Updated rules:
- Azure Kubernetes Service:
- Updated `Azure.AKS.Version` to 1.19.3. [#590 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/590 )
2020-12-20 10:35:44 +03:00
- Engineering:
- Bump PSRule dependency to v1.0.0. [#588 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/588 )
2020-11-27 01:54:03 +03:00
## v0.19.0-B2011008 (pre-release)
2020-11-24 12:12:24 +03:00
What's changed since v0.18.0:
2020-11-27 01:38:48 +03:00
- New rules:
- Database for MySQL:
- Check database servers meet name requirements. [#583 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/583 )
- Database for PostgreSQL:
- Check database servers meet name requirements. [#583 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/583 )
- SQL Database:
- Check SQL logical servers meet name requirements. [#583 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/583 )
- Check SQL failover groups meet name requirements. [#583 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/583 )
- Check SQL databases meet name requirements. [#583 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/583 )
- SQL Managed Instance:
- Check SQL Managed Instances meet name requirements. [#583 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/583 )
2020-11-24 12:12:24 +03:00
- General improvements:
- Added support for `true` , `false` , and `null` template functions. [#579 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/579 )
2020-11-24 12:52:18 +03:00
- Added support for `createObject` template function. [#580 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/580 )
2020-11-24 12:12:24 +03:00
2020-11-23 02:35:41 +03:00
## v0.18.0
What's changed since v0.17.0:
- New rules:
- Container Registry:
- Check registries use container image scanning. [#558 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/558 )
- Check registries image scanning results are healthy. [#558 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/558 )
- Check registries use content trust. [#558 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/558 )
- Check registries are geo-replicated. [#558 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/558 )
- Check registries uses storage space less than included storage. [#558 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/558 )
- Check registries have a retention set of untagged manifests (preview). [#558 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/558 )
- Check registries use image quarantine pattern (preview). [#558 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/558 )
- Front Door:
- Check Front Door WAF policy name requirements. [#552 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/552 )
- Bug fixes:
- Fixed HNS storage accounts so they are excluded from blob soft delete rule. [#554 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/554 )
- Fixed reason typo on template parameter metadata. [#567 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/567 )
- Fixed `Get-AzRuleTemplateLink` reports incorrect parameter with file path. [#568 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/568 )
- Fixed variable property not resolved with copy peer. [#571 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/571 )
- Fixed blob soft delete for FileStorage storage accounts. [#573 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/573 )
- Fixed top level variable copy detected as unused variable.[#569](https://github.com/microsoft/PSRule.Rules.Azure/issues/569)
- Fixed ResourceGroupName property cannot be found on this object. [#561 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/561 )
What's changed since pre-release v0.18.0-B2011023:
- No additional changes.
2020-11-17 14:10:42 +03:00
## v0.18.0-B2011023 (pre-release)
2020-11-16 10:29:12 +03:00
What's changed since pre-release v0.18.0-B2011005:
- Bug fixes:
- Fixed reason typo on template parameter metadata. [#567 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/567 )
- Fixed `Get-AzRuleTemplateLink` reports incorrect parameter with file path. [#568 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/568 )
2020-11-16 11:46:36 +03:00
- Fixed variable property not resolved with copy peer. [#571 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/571 )
2020-11-17 05:58:47 +03:00
- Fixed blob soft delete for FileStorage storage accounts. [#573 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/573 )
2020-11-17 12:15:19 +03:00
- Fixed top level variable copy detected as unused variable.[#569](https://github.com/microsoft/PSRule.Rules.Azure/issues/569)
2020-11-16 10:29:12 +03:00
2020-11-05 13:54:36 +03:00
## v0.18.0-B2011005 (pre-release)
2020-11-05 13:43:46 +03:00
What's changed since pre-release v0.18.0-B2010016:
- Bug fixes:
- Fixed ResourceGroupName property cannot be found on this object. [#561 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/561 )
2020-11-02 02:41:57 +03:00
## v0.18.0-B2010016 (pre-release)
What's changed since v0.17.0:
2020-10-29 15:30:08 +03:00
- New rules:
2020-10-29 15:57:37 +03:00
- Container Registry:
- Check registries use container image scanning. [#558 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/558 )
- Check registries image scanning results are healthy. [#558 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/558 )
- Check registries use content trust. [#558 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/558 )
- Check registries are geo-replicated. [#558 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/558 )
- Check registries uses storage space less than included storage. [#558 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/558 )
- Check registries have a retention set of untagged manifests (preview). [#558 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/558 )
- Check registries use image quarantine pattern (preview). [#558 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/558 )
2020-10-29 15:30:08 +03:00
- Front Door:
- Check Front Door WAF policy name requirements. [#552 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/552 )
2020-10-29 13:43:48 +03:00
- Bug fixes:
- Fixed HNS storage accounts so they are excluded from blob soft delete rule. [#554 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/554 )
2020-10-24 08:49:04 +03:00
## v0.17.0
What's changed since v0.16.0:
- New rules:
- Azure Cache for Redis:
- Check cache instances use Standard C1 or greater SKU. [#501 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/501 )
- Cache cache instances configure `maxmemory-reserved` setting. [#502 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/502 )
- App Configuration:
- Check App Configuration stores meet name requirements. [#528 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/528 )
- Check App Configuration stores use standard SKU. [#528 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/528 )
- App Service:
- Check App Service apps use HTTP/2. [#538 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/538 )
- Check App Service apps use managed identities. [#537 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/537 )
- Check App Service apps use Always On. [#521 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/521 )
- Check App Service apps have remote debugging disabled. [#521 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/521 )
- Check App Service apps use newer .NET Framework versions. [#521 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/521 )
- Check App Service apps use newer PHP runtime versions. [#521 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/521 )
- Logic App:
- Check Logic App apps limit IP range for HTTP triggers. [#526 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/526 )
- Updated rules:
- Storage:
- Updated `Azure.Storage.UseReplication` for additional use cases.
- Added support for geo-zone-redundant storage. [#535 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/534 )
- Exclude storage tagged with `resource-usage = 'azure-functions'` or `resource-usage = 'azure-monitor'` . [#534 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/534 )
- Azure Kubernetes Service:
- Promote `Azure.AKS.AzurePolicyAddOn` to GA rule set. [#524 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/524 )
- Removed rules:
- Azure Kubernetes Service:
- Remove `Azure.AKS.PodSecurityPolicy` as this AKS feature is replaced by Azure Policy. [#523 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/523 )
- General improvements:
- Added support for `providers` template function. [#177 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/177 )
- Added support for `dateTimeAdd` template function. [#516 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/516 )
- Bug fixes:
- Fixed expansion of templates with multiple variables copy blocks. [#541 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/541 )
- Fixed App Service rule site config false positives in templates. [#533 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/533 )
What's changed since pre-release v0.17.0-B2010028:
- No additional changes.
2020-10-22 16:35:40 +03:00
## v0.17.0-B2010028 (pre-release)
What's changed since pre-release v0.17.0-B2010022:
2020-10-20 09:08:01 +03:00
- New rules:
- Azure Cache for Redis:
2020-10-22 16:35:40 +03:00
- Check cache instances use Standard C1 or greater SKU. [#501 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/501 )
2020-10-20 09:08:01 +03:00
- Cache cache instances configure `maxmemory-reserved` setting. [#502 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/502 )
2020-10-15 17:00:18 +03:00
## v0.17.0-B2010022 (pre-release)
What's changed since pre-release v0.17.0-B2010017:
2020-10-15 16:40:55 +03:00
- Bug fixes:
- Fixed expansion of templates with multiple variables copy blocks. [#541 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/541 )
2020-10-10 14:59:38 +03:00
## v0.17.0-B2010017 (pre-release)
What's changed since pre-release v0.17.0-B2010006:
2020-10-10 14:46:17 +03:00
- New rules:
- App Service:
- Check App Service apps use HTTP/2. [#538 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/538 )
- Check App Service apps use managed identities. [#537 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/537 )
2020-10-09 17:01:21 +03:00
- Updated rules:
- Storage:
- Updated `Azure.Storage.UseReplication` for additional use cases.
- Added support for geo-zone-redundant storage. [#535 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/534 )
- Exclude storage tagged with `resource-usage = 'azure-functions'` or `resource-usage = 'azure-monitor'` . [#534 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/534 )
- Bug fixes:
- Fixed App Service rule site config false positives in templates. [#533 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/533 )
2020-10-06 08:53:06 +03:00
## v0.17.0-B2010006 (pre-release)
What's changed since pre-release v0.17.0-B2009009:
2020-10-02 17:56:14 +03:00
- New rules:
2020-10-06 08:25:46 +03:00
- App Configuration:
- Check App Configuration stores meet name requirements. [#528 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/528 )
- Check App Configuration stores use standard SKU. [#528 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/528 )
2020-10-02 17:56:14 +03:00
- App Service:
- Check App Service apps use Always On. [#521 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/521 )
- Check App Service apps have remote debugging disabled. [#521 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/521 )
- Check App Service apps use newer .NET Framework versions. [#521 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/521 )
- Check App Service apps use newer PHP runtime versions. [#521 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/521 )
2020-10-06 07:58:42 +03:00
- Logic App:
- Check Logic App apps limit IP range for HTTP triggers. [#526 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/526 )
2020-10-03 17:00:16 +03:00
- Updated rules:
- Azure Kubernetes Service:
- Promote `Azure.AKS.AzurePolicyAddOn` to GA rule set. [#524 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/524 )
- Removed rules:
- Azure Kubernetes Service:
- Remove `Azure.AKS.PodSecurityPolicy` as this AKS feature is replaced by Azure Policy. [#523 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/523 )
2020-10-02 17:56:14 +03:00
2020-09-28 17:14:51 +03:00
## v0.17.0-B2009009 (pre-release)
What's changed since v0.16.0:
2020-09-28 16:53:50 +03:00
- General improvements:
- Added support for `providers` template function. [#177 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/177 )
- Added support for `dateTimeAdd` template function. [#516 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/516 )
2020-09-21 01:55:30 +03:00
## v0.16.0
What's changed since v0.15.0:
- New features:
- Added `Azure.GA_2020_09` baseline. [#488 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/488 )
- Includes rules released before or during September 2020 for Azure GA features.
- Marked baseline `Azure.GA_2020_06` as obsolete.
- New rules:
- CDN:
- Check CDN endpoint naming requirements. [#486 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/486 )
- Check CDN endpoints use TLS 1.2. [#487 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/487 )
- Updated rules:
- Azure Kubernetes Service:
- Updated `Azure.AKS.Version` to 1.18.8. [#504 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/504 )
- General improvements:
- Updated rule content to align with Microsoft Azure Well-Architected Framework pillars. [#481 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/481 )
- Improve output of template processing exceptions. [#484 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/484 )
- Engineering:
- Bump PSRule dependency to v0.20.0.
- Bug fixes:
- Fixed Data Factory version not detected with template. [#498 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/498 )
- Fixed parameter file detection with `2019-04-01` schema. [#495 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/495 )
- Fixed deprecated `$Rule` properties. [#491 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/491 )
What's changed since pre-release v0.16.0-B2009033:
- No additional changes.
2020-09-19 12:38:25 +03:00
## v0.16.0-B2009033 (pre-release)
What's changed since pre-release v0.16.0-B2009024:
2020-09-19 12:16:45 +03:00
- New features:
- Added `Azure.GA_2020_09` baseline. [#488 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/488 )
- Includes rules released before or during September 2020 for Azure GA features.
- Marked baseline `Azure.GA_2020_06` as obsolete.
2020-09-17 15:42:37 +03:00
- Updated rules:
- Azure Kubernetes Service:
- Updated `Azure.AKS.Version` to 1.18.8. [#504 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/504 )
2020-09-19 12:16:45 +03:00
- Engineering:
- Bump PSRule dependency to v0.20.0.
2020-09-17 15:42:37 +03:00
2020-09-17 13:04:05 +03:00
## v0.16.0-B2009024 (pre-release)
What's changed since pre-release v0.16.0-B2009019:
2020-09-21 01:55:30 +03:00
- Bug fixes:
2020-09-17 12:37:10 +03:00
- Fixed Data Factory version not detected with template. [#498 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/498 )
2020-09-16 09:22:24 +03:00
## v0.16.0-B2009019 (pre-release)
What's changed since pre-release v0.16.0-B2009011:
2020-09-16 09:10:00 +03:00
- Bug fixes:
- Fixed parameter file detection with `2019-04-01` schema. [#495 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/495 )
2020-09-14 04:56:35 +03:00
## v0.16.0-B2009011 (pre-release)
What's changed since pre-release v0.16.0-B2009004:
2020-09-09 05:34:48 +03:00
- Bug fixes:
- Fixed deprecated `$Rule` properties. [#491 ](https://github.com/microsoft/PSRule.Rules.Azure/issues/491 )
2020-09-07 08:21:30 +03:00
## v0.16.0-B2009004 (pre-release)
What's changed since v0.15.0:
2020-09-07 06:28:12 +03:00
- New rules:
- CDN:
- Check CDN endpoint naming requirements. [#486 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/486 )
- Check CDN endpoints use TLS 1.2. [#487 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/487 )
2020-08-28 06:27:27 +03:00
- General improvements:
- Updated rule content to align with Microsoft Azure Well-Architected Framework pillars. [#481 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/481 )
2020-09-07 03:32:06 +03:00
- Improve output of template processing exceptions. [#484 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/484 )
2020-08-28 06:27:27 +03:00
2020-08-24 02:41:41 +03:00
## v0.15.0
What's changed since v0.14.1:
- New rules:
- All resources:
- Check ARM template parameters are used. [#232 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/232 )
- Check ARM template variables are used. [#233 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/233 )
- Check ARM template parameters include a metadata description. [#360 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/360 )
- Check ARM templates define at least one resource. [#359 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/359 )
- Database for MySQL:
- Check database servers reject TLS versions older than 1.2. [#469 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/469 )
- Database for PostgreSQL:
- Check database servers reject TLS versions older than 1.2. [#470 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/470 )
- SQL Database:
- Check database servers reject TLS versions older than 1.2. [#471 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/471 )
- Storage Account:
- Check Storage Accounts reject TLS versions older than 1.2. [#455 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/455 )
- Check Storage Accounts only accept authorized requests. [#456 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/456 )
- Updated rules:
- Azure Kubernetes Service:
- Updated `Azure.AKS.Version` to 1.17.9. [#452 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/452 )
2020-09-19 12:16:45 +03:00
- Engineering:
- Bump PSRule dependency to v0.19.0.
2020-08-24 02:41:41 +03:00
- Bug fixes:
- Fixed export of non-blob Storage Accounts. [#464 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/464 )
- Fixed export of subscription Security Center data based on API version. [#465 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/465 )
- Fixed masking of sharedKey when property does not exist. [#466 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/466 )
What's changed since pre-release v0.15.0-B2008034:
- No additional changes.
2020-08-19 16:30:34 +03:00
## v0.15.0-B2008043 (pre-release)
What's changed since pre-release v0.15.0-B2008034:
2020-08-19 14:32:51 +03:00
- New rules:
- Database for MySQL:
- Check database servers reject TLS versions older than 1.2. [#469 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/469 )
- Database for PostgreSQL:
- Check database servers reject TLS versions older than 1.2. [#470 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/470 )
- SQL Database:
- Check database servers reject TLS versions older than 1.2. [#471 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/471 )
2020-08-19 16:15:37 +03:00
- Bug fixes:
- Fixed use variables check when no variables are defined. [#462 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/462 )
2020-08-19 14:32:51 +03:00
2020-08-17 18:14:00 +03:00
## v0.15.0-B2008034 (pre-release)
What's changed since pre-release v0.15.0-B2008026:
2020-08-17 17:46:56 +03:00
- Bug fixes:
- Fixed export of non-blob Storage Accounts. [#464 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/464 )
- Fixed export of subscription Security Center data based on API version. [#465 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/465 )
- Fixed masking of sharedKey when property does not exist. [#466 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/466 )
2020-08-14 07:35:57 +03:00
## v0.15.0-B2008026 (pre-release)
2020-08-17 18:14:00 +03:00
What's changed since v0.14.1:
2020-08-13 17:24:51 +03:00
- New rules:
2020-08-14 07:22:10 +03:00
- All resources:
- Check ARM template parameters are used. [#232 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/232 )
- Check ARM template variables are used. [#233 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/233 )
- Check ARM template parameters include a metadata description. [#360 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/360 )
- Check ARM templates define at least one resource. [#359 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/359 )
2020-08-13 17:24:51 +03:00
- Storage Account:
- Check Storage Accounts reject TLS versions older than 1.2. [#455 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/455 )
- Check Storage Accounts only accept authorized requests. [#456 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/456 )
2020-08-14 05:20:29 +03:00
- Updated rules:
- Azure Kubernetes Service:
- Updated `Azure.AKS.Version` to 1.17.9. [#452 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/452 )
2020-08-13 17:24:51 +03:00
2020-08-06 10:45:31 +03:00
## v0.14.1
2020-08-17 18:14:00 +03:00
What's changed since v0.14.0:
2020-08-06 10:45:31 +03:00
2020-08-06 10:16:50 +03:00
- Bug fixes:
- Fixed resource tags rule to exclude diagnostic settings. [#448 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/448 )
2020-07-24 01:35:03 +03:00
## v0.14.0
What's changed since v0.13.0:
- New rules:
- API Management:
- Check API Management service name requirements. [#437 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/437 )
- Check API Management products have legal terms. [#438 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/438 )
- Check API Management products have a display name and description. [#439 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/439 )
- Check API Management APIs have a display name and description. [#440 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/440 )
- Subscriptions:
- Check subscription is managed by PIM. [#422 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/422 )
- Updated rules:
- Azure Kubernetes Service:
- Updated `Azure.AKS.Version` to 1.17.7. [#427 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/427 )
- General improvements:
- Updated rule reasons and logic. [#424 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/424 )
- Bug fixes:
- Fixed masking for network connection resource configuration. [#434 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/434 )
- Fixed hybrid use benefit rule to exclude Windows client OSs. [#433 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/433 )
- Fixed VM standalone rule to exclude Windows client OSs. [#442 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/442 )
What's changed since pre-release v0.14.0-B2007031:
- No additional changes.
2020-07-22 12:08:30 +03:00
## v0.14.0-B2007031 (pre-release)
2020-09-14 04:56:35 +03:00
What's changed since pre-release v0.14.0-B2007020:
2020-07-22 10:13:02 +03:00
- New rules:
- API Management:
- Check API Management service name requirements. [#437 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/437 )
- Check API Management products have legal terms. [#438 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/438 )
- Check API Management products have a display name and description. [#439 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/439 )
- Check API Management APIs have a display name and description. [#440 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/440 )
2020-07-21 10:11:03 +03:00
- Bug fixes:
- Fixed masking for network connection resource configuration. [#434 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/434 )
2020-07-22 11:58:12 +03:00
- Fixed hybrid use benefit rule to exclude Windows client OSs. [#433 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/433 )
- Fixed VM standalone rule to exclude Windows client OSs. [#442 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/442 )
2020-07-21 10:11:03 +03:00
2020-07-11 15:08:15 +03:00
## v0.14.0-B2007020 (pre-release)
2020-09-14 04:56:35 +03:00
What's changed since v0.13.0:
2020-07-07 14:55:42 +03:00
- New rules:
- Subscriptions:
- Check subscription is managed by PIM. [#422 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/422 )
2020-07-10 05:28:06 +03:00
- Updated rules:
- Azure Kubernetes Service:
- Updated `Azure.AKS.Version` to 1.17.7. [#427 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/427 )
2020-07-08 09:16:24 +03:00
- General improvements:
- Updated rule reasons and logic. [#424 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/424 )
2020-07-07 14:55:42 +03:00
2020-06-23 16:16:56 +03:00
## v0.13.0
What's changed since v0.12.1:
- New features:
- Added `Azure.GA_2020_06` baseline. [#399 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/399 )
- Includes rules released before or during June 2020 for Azure GA features.
- New rules:
- Azure Kubernetes Service:
- Check AKS clusters use a Standard load balancer SKU. [#334 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/334 )
- Check AKS clusters use Managed Identities for cluster infrastructure. [#333 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/333 )
- Check AKS clusters use Azure Policy add-on (preview). [#405 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/405 )
- Public IP:
- Check Public IP domain name label requirements. [#389 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/389 )
- Virtual Machines:
- Check Availability Set name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
- Check Computer name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
- Check Managed Disk name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
- Check Network Interface name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
- Check Virtual Machine name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
- Check Proximity Placement Group name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
- Virtual Machine Scale Sets:
- Check Computer name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
- Check Virtual Machine Scale Set name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
- Updated rules:
- Azure Kubernetes Service:
- Updated `Azure.AKS.Version` to 1.16.9. [#394 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/394 )
- Bug fixes:
- Fixed module default culture. [#390 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/390 )
- Fixed exception message for object property that does not exist. [#362 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/362 )
- Fixed substring raises an exception processing sub expressions. [#413 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/413 )
What's changed since pre-release v0.13.0-B2006032:
2020-06-23 11:29:11 +03:00
- Bug fixes:
- Fixed substring raises an exception processing sub expressions. [#413 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/413 )
2020-06-21 11:26:46 +03:00
## v0.13.0-B2006032 (pre-release)
2020-06-21 11:14:32 +03:00
- New features:
- Added `Azure.GA_2020_06` baseline. [#399 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/399 )
- Includes rules released before or during June 2020 for Azure GA features.
2020-06-18 01:21:49 +03:00
- Bug fixes:
- Fixed exception message for object property that does not exist. [#362 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/362 )
2020-06-16 11:50:21 +03:00
## v0.13.0-B2006023 (pre-release)
2020-06-16 11:29:54 +03:00
- New rules:
- Public IP:
- Check Public IP domain name label requirements. [#389 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/389 )
- Virtual Machines:
- Check Availability Set name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
- Check Computer name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
- Check Managed Disk name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
- Check Network Interface name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
- Check Virtual Machine name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
- Check Proximity Placement Group name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
- Virtual Machine Scale Sets:
- Check Computer name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
- Check Virtual Machine Scale Set name requirements. [#387 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/387 )
2020-06-15 11:08:09 +03:00
## v0.13.0-B2006017 (pre-release)
2020-06-15 10:14:09 +03:00
- New rules:
- Azure Kubernetes Service:
- Check AKS clusters use a Standard load balancer SKU. [#334 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/334 )
- Check AKS clusters use Managed Identities for cluster infrastructure. [#333 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/333 )
- Check AKS clusters use Azure Policy add-on (preview). [#405 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/405 )
2020-06-02 15:11:07 +03:00
## v0.13.0-B2006003 (pre-release)
2020-05-31 04:59:24 +03:00
- Updated rules:
- Azure Kubernetes Service:
- Updated `Azure.AKS.Version` to 1.16.9. [#394 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/394 )
2020-06-02 13:34:49 +03:00
- Bug fixes:
- Fixed module default culture. [#390 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/390 )
2020-05-31 04:59:24 +03:00
2020-05-25 05:07:42 +03:00
## v0.12.1
What's changed since v0.12.0:
2020-05-23 06:09:59 +03:00
- Bug fixes:
- Fixed subnet name check for VNET with no subnets. [#386 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/386 )
2020-05-22 00:35:13 +03:00
## v0.12.0
What's changed since v0.11.0:
- New rules:
- Azure Kubernetes Service:
- Check AKS cluster name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Check AKS cluster DNS prefix requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Container Registry:
- Check registry name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Front Door:
- Check Front Door name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Load Balancer:
- Check Load Balancer name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Network Security Group:
- Check NSG name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Public IP:
- Check Public IP name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Policy:
- Check Policy definitions use descriptive fields. [#364 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/364 )
- Resource Group:
- Check Resource Group name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Route table
- Check Route table name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- SignalR Service:
- Check SignalR Service name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- SQL Database:
- Check SQL Database uses TDE. [#379 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/379 )
- Check SQL Database uses AAD authentication. [#378 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/378 )
2020-08-13 17:24:51 +03:00
- Storage Account:
2020-05-22 00:35:13 +03:00
- Check Storage Account name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Check Storage blob containers use private access type. [#365 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/365 )
- Virtual Network:
- Check VNET name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Check VNET subnet name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Virtual Network Gateway:
- Check VNG name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Check VNG connection name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Check ExpressRoute Gateway uses current SKU. [#369 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/369 )
- Check VPN Gateway uses current SKU. [#370 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/370 )
- Check VPN Gateway uses active-active configuration. [#371 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/371 )
What's changed since pre-release v0.12.0-B2005026:
- No additional changes.
2020-05-20 16:57:55 +03:00
## v0.12.0-B2005026 (pre-release)
2020-05-18 09:56:54 +03:00
- New rules:
- SQL Database:
- Check SQL Database uses TDE. [#379 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/379 )
- Check SQL Database uses AAD authentication. [#378 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/378 )
2020-05-18 11:16:14 +03:00
- Bug fixes:
- Fixed handling of subnet sub-resource name with slash. [#381 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/381 )
2020-05-18 09:56:54 +03:00
2020-05-18 06:54:06 +03:00
## v0.12.0-B2005019 (pre-release)
2020-05-16 16:25:16 +03:00
- New rules:
2020-05-18 04:12:21 +03:00
- Azure Kubernetes Service:
- Check AKS cluster name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Check AKS cluster DNS prefix requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Container Registry:
- Check registry name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Front Door:
- Check Front Door name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Load Balancer:
- Check Load Balancer name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Network Security Group:
- Check NSG name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Public IP:
- Check Public IP name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Resource Group:
- Check Resource Group name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Route table
- Check Route table name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- SignalR Service:
- Check SignalR Service name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
2020-08-13 17:24:51 +03:00
- Storage Account:
2020-05-18 04:12:21 +03:00
- Check Storage Account name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Virtual Network:
- Check VNET name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Check VNET subnet name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Virtual Network Gateway:
- Check VNG name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
- Check VNG connection name requirements. [#373 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/373 )
2020-05-16 16:25:16 +03:00
- Check ExpressRoute Gateway uses current SKU. [#369 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/369 )
- Check VPN Gateway uses current SKU. [#370 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/370 )
- Check VPN Gateway uses active-active configuration. [#371 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/371 )
2020-05-09 07:44:53 +03:00
## v0.12.0-B2005005 (pre-release)
2020-05-07 10:43:53 +03:00
- New rules:
2020-08-13 17:24:51 +03:00
- Storage Account:
2020-05-07 10:43:53 +03:00
- Check Storage blob containers use private access type. [#365 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/365 )
2020-05-08 12:43:28 +03:00
- Policy:
- Check Policy definitions use descriptive fields. [#364 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/364 )
2020-05-07 10:43:53 +03:00
2020-04-25 08:28:28 +03:00
## v0.11.0
What's changed since v0.10.1:
- New rules:
- Azure Kubernetes Service:
- Check AKS nodes use a minimum number of pods. [#274 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/274 )
- API Management:
- Check API Management products require a subscription. [#342 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/342 )
- Check API Management products require approval. [#343 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/343 )
- Check API Management sample products have been removed. [#344 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/344 )
- Check API Management uses a managed identity. [#345 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/345 )
- Check API Management certificates are not expired. [#346 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/346 )
- General improvements:
- Added name and type bindings for template files. [#353 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/353 )
- **Breaking change**: Renamed configuration options to use a standard prefix. [#327 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/327 )
- Configuration options use the `Azure_` prefix.
- Update configuration settings to use the new name, old configuration names are ignored.
- Renamed `minAKSVersion` to `Azure_AKSMinimumVersion` .
- Renamed `azureAllowedRegions` to `Azure_AllowedRegions` .
2020-07-07 01:42:19 +03:00
- Added configuration option documentation. See [about_PSRule_Azure_Configuration ](https://github.com/Microsoft/PSRule.Rules.Azure/blob/main/docs/concepts/PSRule.Rules.Azure/en-US/about_PSRule_Azure_Configuration.md ) for details.
2020-04-25 08:28:28 +03:00
What's changed since pre-release v0.11.0-B2004012:
2020-04-25 07:56:50 +03:00
- General improvements:
2020-04-25 08:28:28 +03:00
- Added name and type bindings for template files. [#353 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/353 )
2020-04-25 07:56:50 +03:00
2020-04-21 10:24:39 +03:00
## v0.11.0-B2004012 (pre-release)
2020-04-12 16:51:01 +03:00
- New rules:
- Azure Kubernetes Service:
- Check AKS nodes use a minimum number of pods. [#274 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/274 )
2020-04-21 10:10:25 +03:00
- General improvements:
- **Breaking change**: Renamed configuration options to use a standard prefix. [#327 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/327 )
- Configuration options use the `Azure_` prefix.
- Update configuration settings to use the new name, old configuration names are ignored.
- Renamed `minAKSVersion` to `Azure_AKSMinimumVersion` .
- Renamed `azureAllowedRegions` to `Azure_AllowedRegions` .
2020-07-07 01:42:19 +03:00
- Added configuration option documentation. See [about_PSRule_Azure_Configuration ](https://github.com/Microsoft/PSRule.Rules.Azure/blob/main/docs/concepts/PSRule.Rules.Azure/en-US/about_PSRule_Azure_Configuration.md ) for details.
2020-04-12 16:51:01 +03:00
2020-04-12 08:31:05 +03:00
## v0.11.0-B2004005 (pre-release)
2020-04-12 08:02:39 +03:00
- New rules:
- API Management:
- Check API Management products require a subscription. [#342 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/342 )
- Check API Management products require approval. [#343 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/343 )
- Check API Management sample products have been removed. [#344 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/344 )
- Check API Management uses a managed identity. [#345 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/345 )
- Check API Management certificates are not expired. [#346 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/346 )
2020-03-26 15:55:25 +03:00
## v0.10.1
What's changed since v0.10.0:
2020-03-26 14:17:47 +03:00
- Bug fixes:
- Fixed false positive for unused public IP in templates. [#336 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/336 )
- Fixed false positive for use of managed disks in templates. [#337 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/337 )
- Fixed false positive for disk caching when no VM data disks is null in templates. [#338 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/338 )
2020-03-25 01:09:59 +03:00
## v0.10.0
What's changed since v0.9.0:
- New features:
- Added support for linking parameter and template files for analysis with metadata. [#324 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/324 )
- Added `Get-AzRuleTemplateLink` cmdlet to get metadata link to template files.
- See cmdlet help for usage.
- Updated rules:
- Azure Kubernetes Service:
- Updated `Azure.AKS.Version` to 1.16.7. [#330 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/330 )
- General improvements:
- Removed warning message for `azureAllowedRegions` option. [#328 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/328 )
- Improvements to verbose logging of `Export-AzRuleData` . [#301 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/301 )
- Bug fixes:
- Fixed unused VM resource false positives in templates. [#312 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/312 )
- Fixed handling SKU for accelerated networking. [#314 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/314 )
- Fixed detection of hybrid use benefit in templates. [#313 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/313 )
- Fixed exception message when a template or parameter file is not found. [#316 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/316 )
- Fixed detection of diagnostic logging for Front Door. [#307 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/307 )
- Fixed Front Door WAF Policy export. [#308 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/308 )
- Fixed union of object properties in templates. [#303 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/303 )
What's changed since pre-release v0.10.0-B2003051:
- No additional changes.
2020-03-20 15:50:25 +03:00
## v0.10.0-B2003051 (pre-release)
2020-03-20 15:38:08 +03:00
- New features:
- Added support for linking parameter and template files for analysis with metadata. [#324 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/324 )
- Added `Get-AzRuleTemplateLink` cmdlet to get metadata link to template files.
- See cmdlet help for usage.
- General improvements:
- Removed warning message for `azureAllowedRegions` option. [#328 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/328 )
- Updated rules:
- Azure Kubernetes Service:
- Updated `Azure.AKS.Version` to 1.16.7. [#330 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/330 )
2020-03-20 13:48:01 +03:00
2020-03-17 15:44:45 +03:00
## v0.10.0-B2003032 (pre-release)
2020-03-20 15:38:08 +03:00
- Bug fixes:
- Fixed unused VM resource false positives in templates. [#312 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/312 )
- Fixed handling SKU for accelerated networking. [#314 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/314 )
- Fixed detection of hybrid use benefit in templates. [#313 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/313 )
- Fixed exception message when a template or parameter file is not found. [#316 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/316 )
2020-03-13 14:35:12 +03:00
2020-03-08 14:47:26 +03:00
## v0.10.0-B2003004 (pre-release)
2020-03-20 15:38:08 +03:00
- Bug fixes:
- Fixed detection of diagnostic logging for Front Door. [#307 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/307 )
- Fixed Front Door WAF Policy export. [#308 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/308 )
2020-03-08 13:50:36 +03:00
2020-02-28 12:34:36 +03:00
## v0.10.0-B2002023 (pre-release)
2020-03-20 15:38:08 +03:00
- General improvements:
- Improvements to verbose logging of `Export-AzRuleData` . [#301 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/301 )
- Bug fixes:
- Fixed union of object properties in templates. [#303 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/303 )
2020-02-22 09:24:21 +03:00
2020-02-20 12:21:06 +03:00
## v0.9.0
What's changed since v0.8.0:
- New rules:
- Azure Firewall:
- Check threat intelligence is configured as deny. [#266 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/266 )
- Front Door:
- Check Front Door is enabled. [#267 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/267 )
- Check Front Door uses TLS 1.2. [#268 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/268 )
- Check Front Door has a configured WAF policy. [#269 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/269 )
- Check Front Door WAF policy is configured in prevention mode. [#271 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/271 )
- Check Front Door WAF policy is enabled. [#270 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/270 )
- Check if diagnostic logs are configured. [#289 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/289 )
- Traffic Manager:
- Check web-based endpoints are monitored with HTTPS. [#240 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/240 )
- Check at least two endpoints are enabled. [#241 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/241 )
- Key Vault:
- Check soft delete is enabled. [#277 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/277 )
- Check purge protection is enabled. [#280 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/280 )
- Check least privileges permissions assigned in access policy. [#281 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/281 )
- Check if diagnostic logs are configured. [#288 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/288 )
- Subscriptions:
- Check if service health alerts are configured. [#290 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/290 )
- Updated rules:
- Exclude cloud shell storage accounts from data rules. [#278 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/278 )
- `Azure.Storage.UseReplication` and `Azure.Storage.SoftDelete` ignore cloud shell storage accounts.
- General improvements:
- Removed module dependency on `Az.Security` . [#105 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/105 )
- Bug fixes:
- Fixed incorrect string formatting in POSIX culture. [#262 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/262 )
- Fixed `Azure.VNET.UseNSGs` to exclude `AzureFirewallSubnet` . [#261 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/261 )
What's changed since pre-release v0.9.0-B2002036:
- No additional changes.
2020-02-18 15:54:33 +03:00
## v0.9.0-B2002036 (pre-release)
2020-02-18 13:03:47 +03:00
- Exclude cloud shell storage accounts from data rules. [#278 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/278 )
- Added new rule for Subscriptions:
- Check if service health alerts are configured. [#290 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/290 )
- Added new rule for Key Vault:
- Check if diagnostic logs are configured. [#288 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/288 )
- Added new rule for Front Door:
- Check if diagnostic logs are configured. [#289 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/289 )
- Removed module dependency on `Az.Security` . [#105 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/105 )
2020-02-16 14:23:53 +03:00
## v0.9.0-B2002026 (pre-release)
2020-02-15 08:12:42 +03:00
- Added new rules for Traffic Manager:
- Check web-based endpoints are monitored with HTTPS. [#240 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/240 )
- Check at least two endpoints are enabled. [#241 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/241 )
2020-02-16 12:18:36 +03:00
- Added new rules for Key Vault:
- Check soft delete is enabled. [#277 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/277 )
- Check purge protection is enabled. [#280 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/280 )
- Check least privileges permissions assigned in access policy. [#281 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/281 )
2020-02-15 08:12:42 +03:00
2020-02-10 17:08:43 +03:00
## v0.9.0-B2002019 (pre-release)
2020-02-08 11:09:39 +03:00
- Added new rule to check Azure Firewall threat intelligence is configured as deny. [#266 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/266 )
2020-02-15 08:12:42 +03:00
- Added new rules for Front Door:
- Check Front Door is enabled. [#267 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/267 )
- Check Front Door uses TLS 1.2. [#268 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/268 )
- Check Front Door has a configured WAF policy. [#269 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/269 )
- Check Front Door WAF policy is configured in prevention mode. [#271 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/271 )
- Check Front Door WAF policy is enabled. [#270 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/270 )
2020-02-08 11:09:39 +03:00
2020-02-06 16:59:10 +03:00
## v0.9.0-B2002011 (pre-release)
2020-02-06 14:22:54 +03:00
- Fixed incorrect string formatting in POSIX culture. [#262 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/262 )
2020-02-06 14:44:36 +03:00
- Fixed `Azure.VNET.UseNSGs` to exclude `AzureFirewallSubnet` . [#261 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/261 )
2020-02-06 14:22:54 +03:00
2020-01-17 05:45:12 +03:00
## v0.8.0
What's changed since v0.7.0:
- New rules:
- API Management:
2020-02-20 12:21:06 +03:00
- Check API Management uses secure protocol versions. [#237 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/237 )
- Check API Management published APIs use HTTPS. [#236 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/236 )
- Check API Management backend connections use HTTPS. [#238 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/238 )
- Check API Management named values are encrypted. [#239 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/239 )
2020-01-17 05:45:12 +03:00
- Automation Accounts:
2020-02-20 12:21:06 +03:00
- Check automation accounts use encrypted variables. [#211 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/211 )
- Check automation account webhook expiry interval. [#212 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/212 )
2020-01-17 05:45:12 +03:00
- CDN:
2020-02-20 12:21:06 +03:00
- Check Azure CDN connections use HTTPS. [#242 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/242 )
2020-01-17 05:45:12 +03:00
- Resource Manager Templates:
2020-02-20 12:21:06 +03:00
- Check ARM template and parameter file structure. [#225 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/225 )
2020-01-17 05:45:12 +03:00
- Updated rules:
- Azure Kubernetes Service:
2020-02-06 14:22:54 +03:00
- Updated `Azure.AKS.Version` to 1.15.7. [#247 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/247 )
2020-01-17 05:45:12 +03:00
- Virtual networks:
2020-02-06 14:22:54 +03:00
- Updated `Azure.VNET.UseNSGs` to apply to subnet resources from templates. [#246 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/246 )
2020-01-17 05:45:12 +03:00
- General improvements:
2020-02-06 14:22:54 +03:00
- Improvements to rule help wording and usage of links section. [#220 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/220 ) [#224 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/224 ) [#257 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/257 )
2020-01-17 05:45:12 +03:00
- Documentation and reasons messages are now available for all `en` cultures.
2020-02-06 14:22:54 +03:00
- Various updates to rule implementation to take advantage of PSRule v0.12.0 language features. [#220 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/220 )
- **Breaking change**: Shorten rule names to improve output display. [#119 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/119 )
2020-01-17 05:45:12 +03:00
- Application Gateway rules have been renamed from `Azure.VirtualNetwork.*` to `Azure.AppGW.*` .
- Load balancer rules have been renamed from `Azure.VirtualNetwork.*` to `Azure.LB.*` .
- NSG rules have been renamed from `Azure.VirtualNetwork.*` to `Azure.NSG.*` .
- VNET rules have been renamed from `Azure.VirtualNetwork.*` to `Azure.VNET.*` .
- NIC rules have been renamed from `Azure.VirtualNetwork.*` to `Azure.VM.*` .
- Renamed storage account rule `Azure.Storage.SecureTransferRequired` to `Azure.Storage.SecureTransfer` .
- Bug fixes:
2020-02-06 14:22:54 +03:00
- Fix `Azure.Resource.UseTags` applying to template and parameter files. [#230 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/230 )
2020-01-17 05:45:12 +03:00
What's changed since pre-release v0.8.0-B2001029:
2020-02-06 14:22:54 +03:00
- Fixed `Azure.VNET.UseNSGs` not populating subnet name in reason message. [#256 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/256 )
- Updated reason strings to use parent culture `en` . [#257 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/257 )
2020-01-17 01:54:28 +03:00
2020-01-15 11:43:02 +03:00
## v0.8.0-B2001029 (pre-release)
2020-02-06 14:22:54 +03:00
- Updated `Azure.VNET.UseNSGs` to apply to subnet resources from templates. [#246 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/246 )
- Updated `Azure.AKS.Version` to 1.15.7. [#247 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/247 )
- **Breaking change**: Renamed `Azure.File.*` rules to `Azure.Template.*` . [#252 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/252 )
2020-01-14 05:49:44 +03:00
2020-01-13 18:03:57 +03:00
## v0.8.0-B2001018 (pre-release)
2020-03-20 15:38:08 +03:00
- Fixed `Azure.Resource.UseTags` applying to template and parameter files. [#230 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/230 )
- Fixed ARM template and parameter schemas used to detect files. [#234 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/234 )
2020-02-06 14:22:54 +03:00
- Added new rule to check API Management uses secure protocol versions. [#237 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/237 )
- Added new rule to check API Management published APIs use HTTPS. [#236 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/236 )
- Added new rule to check API Management backend connections use HTTPS. [#238 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/238 )
- Added new rule to check API Management named values are encrypted. [#239 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/239 )
- Added new rule to check Azure CDN connections use HTTPS. [#242 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/242 )
2020-01-10 03:07:32 +03:00
2020-01-05 18:19:49 +03:00
## v0.8.0-B2001006 (pre-release)
2020-02-06 14:22:54 +03:00
- Updated documentation to use parent culture `en` . [#224 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/224 )
- Added rules for ARM template and parameter file structure. [#225 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/225 )
- **Breaking change**: Application Gateway rules have been renamed from `Azure.VirtualNetwork.*` to `Azure.AppGW.*` . [#119 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/119 )
- **Breaking change**: Load balancer rules have been renamed from `Azure.VirtualNetwork.*` to `Azure.LB.*` . [#119 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/119 )
- **Breaking change**: NSG rules have been renamed from `Azure.VirtualNetwork.*` to `Azure.NSG.*` . [#119 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/119 )
- **Breaking change**: VNET rules have been renamed from `Azure.VirtualNetwork.*` to `Azure.VNET.*` . [#119 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/119 )
- **Breaking change**: NIC rules have been renamed from `Azure.VirtualNetwork.*` to `Azure.VM.*` . [#119 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/119 )
- **Breaking change**: Renamed storage account rule `Azure.Storage.SecureTransferRequired` to `Azure.Storage.SecureTransfer` . [#119 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/119 )
2020-01-05 16:21:55 +03:00
2019-12-30 15:20:31 +03:00
## v0.8.0-B1912026 (pre-release)
2020-02-06 14:22:54 +03:00
- Fixed Automation account handling with no webhooks or variables. [#219 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/219 )
- Rule improvements from PSRule v0.12.0. [#220 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/220 )
- Updated `Azure.AKS.Version` to 1.15.5. [#217 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/217 )
2019-12-30 13:38:49 +03:00
2019-12-27 16:14:19 +03:00
## v0.8.0-B1912012 (pre-release)
2020-02-06 14:22:54 +03:00
- Added new rule to check automation accounts use encrypted variables. [#211 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/211 )
- Added new rule to check automation account webhook expiry interval. [#212 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/212 )
2019-12-27 16:14:19 +03:00
2019-12-20 14:45:39 +03:00
## v0.7.0
What's changed since v0.6.0:
- New rules:
- Role assignment:
2020-02-20 12:21:06 +03:00
- Check presence of classic Co-Administrators. [#188 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/188 )
2020-01-17 05:45:12 +03:00
- Azure Kubernetes Service:
2020-02-20 12:21:06 +03:00
- Check AKS node pool version matches cluster version. [#186 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/186 )
- Check AKS clusters use pod security policies. [#142 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/142 )
- Check AKS clusters use network policies. [#143 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/143 )
- Check AKS node pools use scale sets. [#187 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/187 )
2019-12-20 14:45:39 +03:00
- Updated rules:
2020-01-17 05:45:12 +03:00
- Azure Kubernetes Service:
2020-02-06 14:22:54 +03:00
- Updated `Azure.AKS.Version` to check for node pool version. [#191 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/191 )
2019-12-20 14:45:39 +03:00
- General improvements:
2020-02-06 14:22:54 +03:00
- Added custom bindings for common resource properties. [#202 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/202 )
- Added new baseline to include rules for preview features. [#190 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/190 )
- **Breaking change**: Shorten rule names to improve output display. [#119 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/119 )
2019-12-20 14:45:39 +03:00
- RBAC rules have been renamed from `Azure.Subscription.*` to `Azure.RBAC.*` .
- Security Center rules have been renamed from `Azure.Subscription.*` to `Azure.SecureCenter.*` .
2020-02-06 14:22:54 +03:00
- **Breaking change**: Renamed default baseline from `Azure.SubscriptionDefault` to `Azure.Default` . [#190 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/190 )
2019-12-20 14:45:39 +03:00
- Bug fixes:
2020-02-06 14:22:54 +03:00
- Fixed handling of tags for sub-resources. [#203 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/203 )
- Fixed missing cmdlet help. [#196 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/196 )
- Fixed AKS templates without node pool orchestratorVersion fail. [#198 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/198 )
- Fixed null reference without parameters file. [#189 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/189 )
2019-12-20 14:45:39 +03:00
What's changed since pre-release v0.7.0-B1912024:
- No additional changes.
2019-12-19 03:50:22 +03:00
## v0.7.0-B1912024 (pre-release)
2020-02-06 14:22:54 +03:00
- Fixed handling of tags for sub-resources. [#203 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/203 )
- Added custom bindings for common resource properties. [#202 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/202 )
2019-12-17 14:13:15 +03:00
2019-12-12 05:14:27 +03:00
## v0.7.0-B1912017 (pre-release)
2020-02-06 14:22:54 +03:00
- Fixed missing cmdlet help. [#196 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/196 )
- Fixed AKS templates without node pool orchestratorVersion fail. [#198 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/198 )
2019-12-08 14:13:40 +03:00
2019-12-07 15:54:19 +03:00
## v0.7.0-B1912008 (pre-release)
2020-02-06 14:22:54 +03:00
- Fixed null reference without parameters file. [#189 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/189 )
- Added new rule to check presence of classic Co-Administrators. [#188 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/188 )
- Added new rule to check AKS node pool version matches cluster version. [#186 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/186 )
- Added new rule to check AKS clusters use pod security policies. [#142 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/142 )
- Added new rule to check AKS clusters use network policies. [#143 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/143 )
- Added new rule to check AKS node pools use scale sets. [#187 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/187 )
- Added new baseline to include rules for preview features. [#190 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/190 )
- Updated `Azure.AKS.Version` to check for node pool version. [#191 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/191 )
- **Breaking change**: RBAC rules have been renamed from `Azure.Subscription.*` to `Azure.RBAC.*` . [#119 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/119 )
- **Breaking change**: Security Center rules have been renamed from `Azure.Subscription.*` to `Azure.SecureCenter.*` . [#119 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/119 )
- **Breaking change**: Renamed default baseline from `Azure.SubscriptionDefault` to `Azure.Default` . [#190 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/190 )
2019-12-07 14:56:38 +03:00
2019-12-02 15:43:45 +03:00
## v0.6.0
What's changed since v0.5.0:
- New features:
2020-02-06 14:22:54 +03:00
- Added support for exporting rule data from templates. [#145 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/145 )
2019-12-02 15:43:45 +03:00
- Added `Export-AzTemplateRuleData` cmdlet to export templates. See cmdlet help for limitations.
- Template and parameters are merged, resolving functions, copy loops and conditions.
- Updated rules:
- Azure Kubernetes Services:
2020-02-06 14:22:54 +03:00
- Updated `Azure.AKS.Version` to 1.14.8. [#140 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/140 )
2019-12-02 15:43:45 +03:00
- General improvements:
2020-02-06 14:22:54 +03:00
- Updated rules to use type pre-conditions. [#144 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/144 )
2019-12-02 15:43:45 +03:00
- Bug fixes:
2020-02-06 14:22:54 +03:00
- Fixed processing of `Azure.Resource.UseTags` to exclude `*/providers/roleAssignments` . [#155 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/155 )
2019-12-02 15:43:45 +03:00
- Provider role assignments do not support tags.
2020-02-06 14:22:54 +03:00
- Fixed processing of `Azure.Resource.AllowedRegions` . [#156 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/156 )
2019-12-02 15:43:45 +03:00
- Exclude `*/providers/roleAssignments` , `Microsoft.Authorization/*` and `Microsoft.Consumption/*` .
2020-02-06 14:22:54 +03:00
- Fixed processing of `Azure.VirtualNetwork.NSGAssociated` for templates. [#150 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/150 )
- Fixed processing of `Azure.VirtualNetwork.LateralTraversal` when `destinationPortRanges` is used. [#149 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/149 )
2019-12-02 15:43:45 +03:00
What's changed since pre-release v0.6.0-B1911046:
- No additional changes.
2019-11-27 15:40:30 +03:00
## v0.6.0-B1911046 (pre-release)
2020-02-06 14:22:54 +03:00
- Improved template support of `Export-AzTemplateRuleData` cmdlet. [#145 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/145 )
2019-11-19 14:51:19 +03:00
- Added support for `deployment` function.
2019-11-22 01:55:10 +03:00
- Fixed property copy loop.
2020-02-06 14:22:54 +03:00
- Fixed `Export-AzTemplateRuleData` does not return FileInfo objects. [#162 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/162 )
- Fixed automatically name outputs from `Export-AzTemplateRuleData` . [#163 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/163 )
- Fixed resource segmentation issue when ResourceType includes trailing slash. [#165 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/165 )
- Fixed expand resource template property as null fails. [#167 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/167 )
- Fixed case-sensitivity of variables, parameters and functions. [#168 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/168 )
- Fixed out of order parameter and variables cross reference. [#170 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/170 )
- Fixed expression parser race condition. [#171 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/171 )
- Fixed handling of padding spaces in expressions. [#173 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/173 )
- Fixed property of property is parsed incorrectly. [#174 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/174 )
- Fixed root variable copy loop handling. [#175 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/175 )
2019-11-19 14:51:19 +03:00
2019-11-17 10:17:23 +03:00
## v0.6.0-B1911027 (pre-release)
2020-02-06 14:22:54 +03:00
- Fixed processing of `Azure.Resource.UseTags` to exclude `*/providers/roleAssignments` . [#155 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/155 )
2019-11-14 06:44:44 +03:00
- Provider role assignments do not support tags.
2020-02-06 14:22:54 +03:00
- Fixed processing of `Azure.Resource.AllowedRegions` . [#156 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/156 )
2019-11-14 06:44:44 +03:00
- Exclude `*/providers/roleAssignments` , `Microsoft.Authorization/*` and `Microsoft.Consumption/*` .
2019-11-12 15:19:28 +03:00
## v0.6.0-B1911020 (pre-release)
2020-02-06 14:22:54 +03:00
- Fixed processing of `Azure.VirtualNetwork.NSGAssociated` for templates. [#150 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/150 )
- Fixed processing of `Azure.VirtualNetwork.LateralTraversal` when `destinationPortRanges` is used. [#149 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/149 )
- Improved template support of `Export-AzTemplateRuleData` cmdlet. [#145 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/145 )
2019-11-12 14:42:51 +03:00
- Added support for nested templates.
- Added support for `array` , `createArray` , `coalesce` , `intersection` , `dataUri` and `dataUriToString` functions.
2019-11-10 15:42:39 +03:00
2019-11-09 09:31:03 +03:00
## v0.6.0-B1911011 (pre-release)
2020-02-06 14:22:54 +03:00
- Updated `Azure.AKS.Version` to 1.14.8. [#140 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/140 )
- Updated rules to use type pre-conditions. [#144 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/144 )
- **Experimental**: Added support for exporting rule data from templates. [#145 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/145 )
2019-11-09 09:19:07 +03:00
- Added `Export-AzTemplateRuleData` cmdlet to export templates. See cmdlet help for limitations.
- Template and parameters are merged, resolving functions, copy loops and conditions.
2019-10-30 02:56:46 +03:00
2019-10-24 12:01:49 +03:00
## v0.5.0
What's changed since v0.4.0:
- New rules:
- Virtual machines:
2020-02-20 12:21:06 +03:00
- Check Windows automatic updates are enabled. [#132 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/132 )
- Check VM agent is automatically provisioned. [#131 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/131 )
2019-10-24 12:01:49 +03:00
- Updated rules:
- Azure Kubernetes Services:
2020-02-06 14:22:54 +03:00
- Updated `Azure.AKS.Version` to 1.14.6. [#130 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/130 )
2019-10-24 12:01:49 +03:00
- General improvements:
2020-02-06 14:22:54 +03:00
- Shorten rule names for virtual machined to `Azure.VM.*` to improve output display. [#119 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/119 )
2019-10-24 12:01:49 +03:00
- **Breaking change**: Rules have been renamed from `Azure.VirtualMachine.*` to `Azure.VM.*` .
What's changed since pre-release v0.5.0-B1910004:
- No additional changes.
2019-10-12 14:09:27 +03:00
## v0.5.0-B1910004 (pre-release)
2020-02-06 14:22:54 +03:00
- Added rule to verify Windows automatic updates are enabled. [#132 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/132 )
- Added rule to verify VM agent is automatically provisioned. [#131 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/131 )
- Updated `Azure.AKS.Version` to 1.14.6. [#130 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/130 )
- **Breaking change**: Renamed `Azure.VirtualMachine.*` rules to `Azure.VM.*` . [#119 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/119 )
2019-10-04 07:07:53 +03:00
2019-09-25 02:23:26 +03:00
## v0.4.0
What's changed since v0.3.0:
- New rules:
- Virtual machines:
2020-02-06 14:22:54 +03:00
- Added rule to verify Azure Disk Encryption. [#122 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/122 )
- Added rule to check if public key is used for Linux. [#123 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/123 )
2019-09-25 02:23:26 +03:00
- Virtual networking:
2020-02-06 14:22:54 +03:00
- Added rule to verify connectivity of VNET peers. [#120 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/120 )
- Added rule to check configuration of HTTP/ HTTPS load balancer probes. [#121 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/121 )
2019-09-25 02:23:26 +03:00
- General improvements:
2020-02-06 14:22:54 +03:00
- Removed dependency on Az.Storage module. [#105 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/105 )
- Added default baseline to module. [#126 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/126 )
2019-09-25 02:23:26 +03:00
What's changed since pre-release v0.4.0-B190902:
2020-02-06 14:22:54 +03:00
- Added default baseline to module. [#126 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/126 )
2019-09-25 01:59:25 +03:00
2019-09-17 17:09:36 +03:00
## v0.4.0-B190902 (pre-release)
2020-02-06 14:22:54 +03:00
- Added rule to verify connectivity of VNET peers. [#120 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/120 )
- Added rule to check configuration of HTTP/ HTTPS load balancer probes. [#121 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/121 )
- Added rule to verify Azure Disk Encryption. [#122 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/122 )
- Added rule to check if public key is used for Linux. [#123 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/123 )
- Removed dependency on Az.Storage module. [#105 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/105 )
2019-09-17 16:21:37 +03:00
2019-08-17 06:05:28 +03:00
## v0.3.0
What's changed since v0.2.0:
- New rules:
- App Services:
2020-02-06 14:22:54 +03:00
- Enforce minimum TLS version for App Service. [#99 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/99 )
2019-08-17 06:05:28 +03:00
- Resource clean up:
2020-02-06 14:22:54 +03:00
- Network security groups that are not associated. [#93 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/93 )
- Unattached network interfaces. [#92 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/92 )
2019-08-17 06:05:28 +03:00
- Role assignment:
2020-02-06 14:22:54 +03:00
- Added subscription RBAC delegation rules. [#107 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/107 )
2019-08-17 06:05:28 +03:00
- Check for number of subscription owners.
- Check for RBAC inheritance from management groups.
- Check for user RBAC assignments.
- Check for RBAC delegation on individual resources.
- Virtual machines:
2020-02-06 14:22:54 +03:00
- VMs should avoid using expired promo SKUs. [#87 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/87 )
- VMs should avoid using basic SKUs. [#69 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/69 )
2019-08-17 06:05:28 +03:00
- Virtual networking:
2020-02-06 14:22:54 +03:00
- Added NSG rule to check for lateral traversal security rules. [#103 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/103 )
- Added rule to detect deny all inbound NSG rule. [#94 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/94 )
2019-08-17 06:05:28 +03:00
- Updated rules:
- App Services:
2020-02-06 14:22:54 +03:00
- Updated App Service site rules to include slots. [#100 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/100 )
2019-08-17 06:05:28 +03:00
- `Azure.AppService.ARRAffinity` and `Azure.AppService.UseHTTPS` now run against slots.
- Azure Kubernetes Services:
2020-02-06 14:22:54 +03:00
- Updated `Azure.AKS.Version` to 1.14.5. [#109 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/109 )
2019-08-17 06:05:28 +03:00
- Bug fixes:
2020-02-06 14:22:54 +03:00
- Fix handling of empty DNS servers in `Azure.VirtualNetwork.LocalDNS` . [#84 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/84 )
- Fix handling of no peering connections in `Azure.VirtualNetwork.LocalDNS` . [#89 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/89 )
- Fix export of additional properties for `Microsoft.Sql/servers` . [#114 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/114 )
- Excluded global services from Azure.Resource.AllowedRegions. [#96 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/96 )
2019-08-17 06:05:28 +03:00
What's changed since pre-release v0.3.0-B190807:
2020-02-06 14:22:54 +03:00
- Fix export of additional properties for `Microsoft.Sql/servers` . [#114 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/114 )
2019-08-17 05:39:34 +03:00
2019-08-13 18:35:20 +03:00
## v0.3.0-B190807 (pre-release)
2020-02-06 14:22:54 +03:00
- Updated `Azure.AKS.Version` to 1.14.5. [#109 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/109 )
- Added subscription RBAC delegation rules. [#107 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/107 )
2019-08-13 15:54:07 +03:00
- Check for number of subscription owners.
- Check for RBAC inheritance from management groups.
- Check for user RBAC assignments.
- Check for RBAC delegation on individual resources.
2019-08-13 03:41:26 +03:00
2019-07-28 17:17:15 +03:00
## v0.3.0-B190723 (pre-release)
2020-02-06 14:22:54 +03:00
- Excluded global services from Azure.Resource.AllowedRegions. [#96 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/96 )
- Enforce minimum TLS version for App Service. [#99 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/99 )
- Updated App Service site rules to include slots. [#100 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/100 )
2019-07-25 10:09:25 +03:00
- `Azure.AppService.ARRAffinity` and `Azure.AppService.UseHTTPS` now run against slots.
2020-02-06 14:22:54 +03:00
- Added rule to detect deny all inbound NSG rule. [#94 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/94 )
2019-07-26 01:47:01 +03:00
- Added unused resource rules.
2020-02-06 14:22:54 +03:00
- Network security groups that are not associated. [#93 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/93 )
- Unattached network interfaces. [#92 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/92 )
- Added NSG rule to check for lateral traversal security rules. [#103 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/103 )
2019-07-19 16:21:23 +03:00
2019-07-16 16:41:26 +03:00
## v0.3.0-B190710 (pre-release)
2020-02-06 14:22:54 +03:00
- Fix handling of empty DNS servers in `Azure.VirtualNetwork.LocalDNS` . [#84 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/84 )
- Fix handling of no peering connections in `Azure.VirtualNetwork.LocalDNS` . [#89 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/89 )
- Updated AKS version in `Azure.AKS.Version` to 1.13.7. [#83 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/83 )
2019-07-16 16:29:05 +03:00
- Added VM SKU rules:
2020-02-06 14:22:54 +03:00
- VMs should avoid using expired promo SKUs. [#87 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/87 )
- VMs should avoid using basic SKUs. [#69 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/69 )
2019-07-15 15:23:49 +03:00
2019-07-09 16:33:07 +03:00
## v0.2.0
What's changed since v0.1.0:
2020-02-06 14:22:54 +03:00
- Fix rule `Azure.AKS.UseRBAC` returns null. [#60 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/60 )
- Fix rule `Azure.Storage.SoftDelete` and `Azure.Storage.SecureTransferRequired` returns null. [#64 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/64 )
- Fix collection of ASR vault configuration for cmdlet deprecation. [#63 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/63 )
- Updated rules to use `Recommend` keyword instead of `Hint` alias. [#71 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/71 )
- Added SQL firewall rule range check to determine an excessive number of permitted IP addresses. [#3 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/3 ) [#10 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/10 ) [#54 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/54 )
2019-07-09 16:33:07 +03:00
- The rules `Azure.SQL.FirewallIPRange` , `Azure.MySQL.FirewallIPRange` and `Azure.PostgreSQL.FirewallIPRange` were added to check SQL, MySQL and PostgreSQL.
2020-02-06 14:22:54 +03:00
- Added parameters to filter resource export by resource group and/ or tag. [#59 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/59 )
2019-07-09 16:33:07 +03:00
- Added `-ResourceGroupName` and `-Tag` parameters to `Export-AzRuleData` cmdlet.
2020-02-06 14:22:54 +03:00
- Added support for Application Gateway v2. [#75 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/75 )
- Added VNET rule to check for local DNS. [#68 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/68 )
- Added WAF hardening rules for Application Gateway. [#78 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/78 )
2019-07-09 16:33:07 +03:00
- Application Gateways use OWASP 3.x rules.
- Application Gateways have WAF enabled.
- Application Gateways have all OWASP rules enabled.
What's changed since pre-release v0.2.0-B190715:
- No additional changes.
2019-07-05 16:50:31 +03:00
## v0.2.0-B190715 (pre-release)
2020-02-06 14:22:54 +03:00
- Added support for Application Gateway v2. [#75 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/75 )
- Added VNET rule to check for local DNS. [#68 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/68 )
- Added WAF hardening rules for Application Gateway. [#78 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/78 )
2019-07-05 16:42:37 +03:00
- Application Gateways use OWASP 3.x rules.
- Application Gateways have WAF enabled.
- Application Gateways have all OWASP rules enabled.
2019-07-01 11:34:35 +03:00
2019-07-01 05:46:11 +03:00
## v0.2.0-B190706 (pre-release)
2020-02-06 14:22:54 +03:00
- Fix rule `Azure.AKS.UseRBAC` returns null. [#60 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/60 )
- Fix rule `Azure.Storage.SoftDelete` and `Azure.Storage.SecureTransferRequired` returns null. [#64 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/64 )
- Fix collection of ASR vault configuration for cmdlet deprecation. [#63 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/63 )
- Added SQL firewall rule range check to determine an excessive number of permitted IP addresses. [#3 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/3 ) [#10 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/10 ) [#54 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/54 )
2019-06-29 15:48:21 +03:00
- The rules `Azure.SQL.FirewallIPRange` , `Azure.MySQL.FirewallIPRange` and `Azure.PostgreSQL.FirewallIPRange` were added to check SQL, MySQL and PostgreSQL.
2020-02-06 14:22:54 +03:00
- Updated rules to use `Recommend` keyword instead of `Hint` alias. [#71 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/71 )
- Added parameters to filter resource export by resource group and/ or tag. [#59 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/59 )
2019-06-27 06:52:05 +03:00
- Added `-ResourceGroupName` and `-Tag` parameters to `Export-AzRuleData` cmdlet.
2019-06-13 02:21:19 +03:00
## v0.1.0
- Initial release.
What's changed since pre-release v0.1.0-B190624:
- No additional changes.
2019-06-12 06:48:32 +03:00
## v0.1.0-B190624 (pre-release)
2020-02-06 14:22:54 +03:00
- Added rule to check if allow access to Azure services enabled for MySQL. [#4 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/4 )
- Added rule to count the number of database server firewall rules for MySQL. [#2 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/2 )
- Added rule to check if allow access to Azure services enabled for PostgreSQL. [#50 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/50 )
- Added rule to count the number of database server firewall rules for PostgreSQL. [#51 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/51 )
- Added rule to check if SSL is enforced for PostgreSQL. [#49 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/49 )
2019-06-11 16:38:21 +03:00
2019-06-10 16:30:53 +03:00
## v0.1.0-B190607 (pre-release)
2020-02-06 14:22:54 +03:00
- Added rule documentation. [#40 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/40 )
2019-06-10 16:19:29 +03:00
2019-05-24 01:49:38 +03:00
## v0.1.0-B190569 (pre-release)
2020-02-06 14:22:54 +03:00
- Fix exported resource data overwritten. [#34 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/34 )
2019-05-23 16:26:53 +03:00
2019-05-20 13:36:57 +03:00
## v0.1.0-B190562 (pre-release)
2020-02-06 14:22:54 +03:00
- Add units tests for `Export-AzRuleData` and update filters. [#28 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/28 )
- `Export-AzRuleData` returns files generated by default. [#27 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/27 )
- `Export-AzRuleData` passes through objects resource objects to the pipeline. [#25 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/25 )
- **Breaking change** - `Export-AzRuleData` only exports data from current subscription context by default. [#24 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/24 )
2019-05-20 12:32:09 +03:00
- Data can be exported from all subscription contexts by using the `-All` switch, or specifying specific subscriptions with the `-Subscription` or `-Tenant` parameters.
2019-05-19 10:57:11 +03:00
2019-05-20 12:32:09 +03:00
## v0.1.0-B190543 (pre-release)
2019-05-17 17:40:32 +03:00
2020-02-06 14:22:54 +03:00
- Fix cannot find the type for custom attribute error. [#21 ](https://github.com/Microsoft/PSRule.Rules.Azure/issues/21 )
2019-05-17 16:56:27 +03:00
2019-05-20 12:32:09 +03:00
## v0.1.0-B190536 (pre-release)
2019-05-17 14:44:34 +03:00
2019-06-13 02:21:19 +03:00
- Initial pre-release.
