Skip to content

Releases: Azure/PSRule.Rules.Azure

v1.39.0-B0029

07 Aug 23:32
@BernieWhite BernieWhite
v1.39.0-B0029
e4dedd8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.39.0-B0029 Pre-release
Pre-release

What's changed since pre-release v1.39.0-B0009:

  • New rules:
    • Azure Kubernetes Service:
      • Verify that clusters have kube-audit logging disabled when not required by @BenjaminEngeset.
        #2450
      • Verify that clusters have the customer-controlled maintenance windows aksManagedAutoUpgradeSchedule and aksManagedNodeOSUpgradeSchedule configured by @BenjaminEngeset.
        #2444
    • Virtual Network:
      • Verify that zonal-deployed Azure firewalls uses Azure NAT Gateway for outbound access by @BenjaminEngeset.
        ##3005
      • Verify that subnets have disabled default outbound access for virtual machines by @BenjaminEngeset.
        #3001
  • Updated rules:
    • Virtual Network:
      • Updated Azure.VNET.UseNSGs to correctly handle cases for special purpose and customer-excluded subnets by @BenjaminEngeset.
        #3007
  • General improvements:

See change log.

Contributors

BernieWhite and BenjaminEngeset
Assets 2
Loading

v1.39.0-B0009

16 Jul 03:06
@BernieWhite BernieWhite
v1.39.0-B0009
721abad
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.39.0-B0009 Pre-release
Pre-release

What's changed since v1.38.0:

  • New rules:
    • App Service:
    • App Service Environment:
    • Azure SQL Database:
      • Verify that Azure SQL databases have a customer-controlled maintenance window configured by @BenjaminEngeset.
        #2956
    • Azure SQL Managed Instance:
      • Verify that Azure SQL Managed Instances have a customer-controlled maintenance window configured by @BenjaminEngeset.
        #2979
    • Service Bus:
  • Engineering:
    • Bump xunit to v2.9.0.
      #2982
    • Bump xunit.runner.visualstudio to v2.8.2.
      #2982

See change log.

Contributors

BenjaminEngeset
Assets 2
Loading

v1.38.0

07 Jul 11:22
@BernieWhite BernieWhite
v1.38.0
783a85f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.38.0 Latest
Latest

What's changed since v1.37.0:

  • New features:
    • Added March 2024 baselines Azure.GA_2024_06 and Azure.Preview_2024_06 by @BernieWhite.
      #2961
      • Includes rules released before or during June 2024.
      • Marked Azure.GA_2024_03 and Azure.Preview_2024_03 baselines as obsolete.
  • New rules:
    • Azure Database for MySQL:
      • Verify that Azure Database for MySQL servers have a customer-controlled maintenance window configured by @BenjaminEngeset.
        #2916
      • Verify that servers have zone-redundant high availability (HA) configured by @BenjaminEngeset.
        #2914
    • Azure Database for PostgreSQL:
      • Verify that Azure Database for PostgreSQL servers have a customer-controlled maintenance window configured by @BenjaminEngeset.
        #2927
      • Verify that servers have zone-redundant high availability (HA) configured by @BenjaminEngeset.
        #2932
    • Azure Firewall:
    • Azure Kubernetes Service:
    • Azure Virtual Desktop:
    • Cosmos DB:
    • Virtual Network Gateway:
      • Verify that VPN/ExpressRoute gateways have a customer-controlled maintenance configuration configured by @BenjaminEngeset.
        #2910
    • Virtual Machine Scale Sets:
  • Updated rules:
    • Azure Kubernetes Service:
      • Updated Azure.AKS.Version to use 1.28.9 as the minimum version by @BernieWhite.
        #2930
    • Virtual Machine:
      • Updated Azure.VM.MaintenanceConfig to align to the reliability pillar by @BernieWhite.
        #2925
        • Promoted to GA and bumped rule set to 2024_06.
  • Engineering:
  • Bug fixes:
    • Fixed handling of multi-line descriptions for policy definition and assignment exports by @BernieWhite.
      #2973
    • Fixed support for references function by @BernieWhite.
      #2922
    • Fixed group by subscription casing when exporting in-flight resources by @BernieWhite.
      #2957
    • Fixed install Az.Resources warning by @BernieWhite.
      #2887
      • Added new configuration option set by environment variable to suppress the warning.
      • Set PSRULE_AZURE_RESOURCE_MODULE_NOWARN to true to suppress the warning.
    • Fixed filter on unknown runtime property by @BernieWhite.
      #2966
    • Fixed failed to expand with direct outputs reference by @BernieWhite.
      #2935
    • Fixed identification of list* function false positive with resource by @BernieWhite.
      #2919
    • Fixed documentation bugs for container apps by @BernieWhite.
      #2876

What's changed since pre-release v1.38.0-B0068:

  • No additional changes.

See change log.

Contributors

BernieWhite, sharmilamusunuru, and BenjaminEngeset
Assets 2
Loading

v1.38.0-B0106

06 Jul 12:19
@BernieWhite BernieWhite
v1.38.0-B0106
4b6720a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.38.0-B0106 Pre-release
Pre-release

What's changed since pre-release v1.38.0-B0068:

  • New rules:
  • Bug fixes:

See change log.

Contributors

BernieWhite and BenjaminEngeset
Assets 2
Loading

v1.38.0-B0068

03 Jul 17:37
@BernieWhite BernieWhite
v1.38.0-B0068
f7ccc3b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.38.0-B0068 Pre-release
Pre-release

What's changed since pre-release v1.38.0-B0034:

  • New features:
    • Added March 2024 baselines Azure.GA_2024_06 and Azure.Preview_2024_06 by @BernieWhite.
      #2961
      • Includes rules released before or during June 2024.
      • Marked Azure.GA_2024_03 and Azure.Preview_2024_03 baselines as obsolete.
  • Engineering:
  • Bug fixes:
    • Fixed support for references function by @BernieWhite.
      #2922
    • Fixed group by subscription casing when exporting in-flight resources by @BernieWhite.
      #2957
    • Fixed install Az.Resources warning by @BernieWhite.
      #2887
      • Added new configuration option set by environment variable to suppress the warning.
      • Set PSRULE_AZURE_RESOURCE_MODULE_NOWARN to true to suppress the warning.
    • Fixed filter on unknown runtime property by @BernieWhite.
      #2966

See change log.

Contributors

BernieWhite
Assets 2
Loading

v1.38.0-B0034

19 Jun 16:42
@BernieWhite BernieWhite
v1.38.0-B0034
8af0340
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.38.0-B0034 Pre-release
Pre-release

What's changed since pre-release v1.38.0-B0011:

  • New rules:
    • Azure Kubernetes Service:
    • Azure Virtual Desktop:
    • Virtual Machine Scale Sets:
  • Engineering:
  • Bug fixes:

See change log.

Contributors

BernieWhite, sharmilamusunuru, and BenjaminEngeset
Assets 2
Loading

v1.38.0-B0011

14 Jun 01:13
@BernieWhite BernieWhite
v1.38.0-B0011
a598633
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.38.0-B0011 Pre-release
Pre-release

What's changed since v1.37.0:

  • New rules:
    • Azure Database for MySQL:
      • Verify that Azure Database for MySQL servers have a customer-controlled maintenance window configured by @BenjaminEngeset.
        #2916
      • Verify that servers have zone-redundant high availability (HA) configured by @BenjaminEngeset.
        #2914
    • Azure Database for PostgreSQL:
      • Verify that Azure Database for PostgreSQL servers have a customer-controlled maintenance window configured by @BenjaminEngeset.
        #2927
      • Verify that servers have zone-redundant high availability (HA) configured by @BenjaminEngeset.
        #2932
    • Azure Firewall:
    • Virtual Network Gateway:
      • Verify that VPN/ExpressRoute gateways have a customer-controlled maintenance configuration configured by @BenjaminEngeset.
        #2910
  • Updated rules:
    • Virtual Machine:
      • Updated Azure.VM.MaintenanceConfig to align to the reliability pillar by @BernieWhite.
        #2925
        • Promoted to GA and bumped rule set to 2024_06.
    • Updated Azure.AKS.Version to use 1.28.9 as the minimum version by @BernieWhite.
      #2930
  • Engineering:
    • Bump Pester to v5.6.0.
      #2934
    • Bump Az.Resources to v7.1.0.
      #2934
    • Bump PSScriptAnalyzer to v1.22.0.
      #2934

See change log.

Contributors

BernieWhite and BenjaminEngeset
Assets 2
Loading

v1.37.0

05 Jun 15:27
@BernieWhite BernieWhite
v1.37.0
7ecb89e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.37.0

What's changed since v1.36.0:

  • New features:
    • Added support for new Bicep language features introduced in v0.27.1 by @BernieWhite.
      #2860
      #2859
      • Added support for shallowMerge, groupBy, objectKeys, and mapValues.
      • Updated syntax for Bicep lambda usage of map, reduce, and filter which now support indices.
      • Added support for spread operator.
  • New rules:
  • Updated rules:
    • API Management:
      • Important change: Updated Azure.APIM.AvailabilityZone to improve accuracy with non-premium SKUs by @BenjaminEngeset.
        #2788
        • Removed the If Premium SKU.
        • Added check for Premium SKU.
        • Bumped rule set to 2024_06.
      • Important change: Updated Azure.APIM.MultiRegion to improve accuracy with non-premium SKUs by @BenjaminEngeset.
        #2787
        • Removed the If Premium SKU.
        • Added check for Premium SKU.
        • Bumped rule set to 2024_06.
    • Deployment:
      • Add additional exclusions for Azure.Deployment.SecureParameter by @BernieWhite.
        #2857
  • General improvements:
    • Quality updates to documentation by @BernieWhite.
      #2570
    • Updated resource providers and policy aliases.
      #2880
    • Added support for split and concat functions during policy export by @BernieWhite.
      #2851
  • Engineering:
    • Bump xunit to v2.8.1.
      #2892
    • Bump xunit.runner.visualstudio to v2.8.1.
      #2891
    • Bump System.Management.Automation to 7.3.12.
      #2868
    • Bump Microsoft.NET.Test.Sdk to v17.10.0.
      #2884
  • Bug fixed:

What's changed since pre-release v1.37.0-B0071:

  • No additional changes.

See change log.

Contributors

BernieWhite and BenjaminEngeset
Assets 2
Loading

v1.37.0-B0071

04 Jun 23:29
@BernieWhite BernieWhite
v1.37.0-B0071
6ca4728
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.37.0-B0071 Pre-release
Pre-release

What's changed since pre-release v1.37.0-B0034:

  • New rules:
    • App Service:
    • Azure Cache for Redis:
    • Log Analytics:
    • Virtual Machine Scale Sets:
  • Updated rules:
    • API Management:
      • Important change: Updated Azure.APIM.MultiRegion to improve accuracy with non-premium SKUs by @BenjaminEngeset.
        #2787
        • Removed the If Premium SKU.
        • Added check for Premium SKU.
        • Bumped rule set to 2024_06
  • General improvements:
    • Added support for split and concat functions during policy export by @BernieWhite.
      #2851
  • Engineering:
    • Bump xunit to v2.8.1.
      #2892
    • Bump xunit.runner.visualstudio to v2.8.1.
      #2891

See change log.

Contributors

BernieWhite and BenjaminEngeset
Assets 2
Loading

v1.37.0-B0034

24 May 13:35
@BernieWhite BernieWhite
v1.37.0-B0034
ad6ab98
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.37.0-B0034 Pre-release
Pre-release

What's changed since pre-release v1.37.0-B0009:

  • New features:
    • Added support for new Bicep language features introduced in v0.27.1 by @BernieWhite.
      #2860
      #2859
      • Added support for shallowMerge, groupBy, objectKeys, and mapValues.
      • Updated syntax for Bicep lambda usage of map, reduce, and filter which now support indices.
      • Added support for spread operator.
  • New rules:
    • Application Gateway:
    • Azure Managed Grafana:
    • Cosmos DB:
    • Event Hub:
      • Check that access to the namespace endpoints is restricted to only allowed sources by @BenjaminEngeset.
        #2701
  • Updated rules:
    • API Management:
      • Important change: Updated Azure.APIM.AvailabilityZone to improve accuracy with non-premium SKUs by @BenjaminEngeset.
        #2788
        • Removed the If Premium SKU.
        • Added check for Premium SKU.
        • Bumped rule set to 2024_06.
  • General improvements:
    • Updated resource providers and policy aliases.
      #2880
  • Engineering:
    • Bump xunit to v2.8.0.
      #2870
    • Bump xunit.runner.visualstudio to v2.8.0.
      #2871
    • Bump System.Management.Automation to 7.3.12.
      #2868
    • Bump Microsoft.NET.Test.Sdk to v17.10.0.
      #2884
  • Bug fixed:
    • Fixed union does not perform deep merge or keep property order by @BernieWhite.
      #2885

See change log.

Contributors

BernieWhite and BenjaminEngeset
Assets 2
Loading