Skip to content

Releases: Azure/PSRule.Rules.Azure

v1.34.0-B0022

27 Feb 08:13
@BernieWhite BernieWhite
v1.34.0-B0022
a0874a0
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.34.0-B0022 Pre-release
Pre-release

What's changed since v1.33.2:

  • New rules:
    • Azure Kubernetes Service:
      • Check that user mode pools have a minimum number of nodes by @BernieWhite.
        #2683
        • Added configuration to support changing the minimum number of node and to exclude node pools.
        • Set AZURE_AKS_CLUSTER_USER_POOL_MINIMUM_NODES to set the minimum number of user nodes.
        • Set AZURE_AKS_CLUSTER_USER_POOL_EXCLUDED_FROM_MINIMUM_NODES to exclude a specific node pool by name.
  • Updated rules:
    • Azure Kubernetes Service:
      • Updated Azure.AKS.MinNodeCount the count nodes system node pools by @BernieWhite.
        #2683
        • Improved guidance and examples specifically for system node pools.
        • Added configuration to support changing the minimum number of node.
        • Set AZURE_AKS_CLUSTER_MINIMUM_SYSTEM_NODES to set the minimum number of system nodes.
    • Front Door:
      • Updated Azure.FrontDoor.Logs to cover premium and standard profiles instead of just classic by @BernieWhite.
        #2704
        • Added a selector for premium and standard profiles Azure.FrontDoor.IsStandardOrPremium.
        • Added a selector for classic profiles Azure.FrontDoor.IsClassic.
        • Updated rule set to 2024_03.
  • General improvements:
    • Moved .bicepparam file support to stable by @BernieWhite.
      #2682
      • Bicep param files are now automatically expanded when found.
      • To disable expansion, set the configuration option AZURE_BICEP_PARAMS_FILE_EXPANSION to false.
    • Documentation and metadata improvements by @BernieWhite.
      #1772
      #2570
  • Engineering:
    • Bump Microsoft.NET.Test.Sdk to v17.9.0.
      #2680
    • Bump xunit to v2.7.0.
      #2688
    • Bump xunit.runner.visualstudio to v2.5.7.
      #2689
    • Bump coverlet.collector to v6.0.1.
      #2699
  • Bug fixes:

See change log.

Contributors

BernieWhite
Assets 2
Loading

v1.33.2

17 Feb 16:01
@BernieWhite BernieWhite
v1.33.2
ac20103
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.33.2

What's changed since v1.33.1:

  • Bug fixes:
    • Fixed false positive of Azure.Resource.AllowedRegions raised during assertion call by @BernieWhite.
      #2687

See change log.

Contributors

BernieWhite
Assets 2
Loading

v1.33.1

13 Feb 17:34
@BernieWhite BernieWhite
v1.33.1
c71b957
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.33.1

What's changed since v1.33.0:

  • Bug fixes:
    • Fixed Azure.AKS.AuthorizedIPs is not valid for a private cluster by @BernieWhite.
      #2677
    • Fixed generating rule for VM extensions from policy is incorrect by @BernieWhite.
      #2608

See change log.

Contributors

BernieWhite
Assets 2
Loading

v1.33.0

05 Feb 15:05
@BernieWhite BernieWhite
v1.33.0
5058051
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.33.0

What's changed since v1.32.1:

  • New features:
    • Exporting policy as rules also generates a baseline by @BernieWhite.
      #2482
      • A baseline is automatically generated that includes for all rules exported.
        If a policy rule has been replaced by a built-in rule, the baseline will include the built-in rule instead.
      • The baseline is named <Prefix>.PolicyBaseline.All. i.e. Azure.PolicyBaseline.All by default.
      • For details see Policy as rules.
  • New rules:
    • Databricks:
    • Dev Box:
  • Updated rules:
    • Application Gateway:
      • Updated Azure.AppGwWAF.RuleGroups to use the rule sets by @BenjaminEngeset.
        #2629
        • The latest Bot Manager rule set is now 1.0.
        • The latest OWASP rule set is now 3.2.
    • Cognitive Services:
      • Relaxed Azure.Cognitive.ManagedIdentity to configurations that require managed identities by @BernieWhite.
        #2559
    • Virtual Machine:
      • Checks for Azure Hybrid Benefit Azure.VM.UseHybridUseBenefit are not enabled by default by @BernieWhite.
        #2493
        • To enable, set the AZURE_VM_USE_HYBRID_USE_BENEFIT option to true.
    • Virtual Network:
      • Added option for excluding subnets to Azure.VNET.UseNSGs by @BernieWhite.
        #2572
        • To add a subnet exclusion, set the AZURE_VNET_SUBNET_EXCLUDED_FROM_NSG option.
  • General improvements:
    • Rules that are ignored during exporting policy as rules are now generate a verbose logs by @BernieWhite.
      #2482
      • This is to improve transparency of why rules are not exported.
      • To see details on why a rule is ignored, enable verbose logging with -Verbose.
    • Policies that duplicate built-in rules can now be exported by using the -KeepDuplicates parameter by @BernieWhite.
      #2482
    • Quality updates to rules and documentation by @BernieWhite.
      #1772
      #2570
  • Engineering:
    • Bump xunit to v2.6.6.
      #2645
    • Bump xunit.runner.visualstudio to v2.5.6.
      #2619
    • Bump BenchmarkDotNet to v0.13.12.
      #2636
    • Bump BenchmarkDotNet.Diagnostics.Windows to v0.13.12.
      #2636
  • Bug fixes:
    • Fixed dateTimeAdd may fail with different localization by @BernieWhite.
      #2631
    • Fixed inconclusive result reported for Azure.ACR.Usage by @BernieWhite.
      #2494
    • Fixed export of Front Door resource data is incomplete by @BernieWhite.
      #2668
    • Fixed Azure.Template.TemplateFile to support with languageVersion 2.0 template properties by @MrRoundRobin.
      #2660
    • Fixed Azure.VM.DiskSizeAlignment does not handle smaller sizes and ultra disks by @BernieWhite.
      #2656

What's changed since pre-release v1.33.0-B0169:

  • No additional changes.

See change log.

Contributors

MrRoundRobin, BernieWhite, and 2 other contributors
Assets 2
Loading

v1.33.0-B0169

04 Feb 04:20
@BernieWhite BernieWhite
v1.33.0-B0169
54d112b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.33.0-B0169 Pre-release
Pre-release

What's changed since pre-release v1.33.0-B0126:

  • New features:
    • Exporting policy as rules also generates a baseline by @BernieWhite.
      #2482
      • A baseline is automatically generated that includes for all rules exported.
        If a policy rule has been replaced by a built-in rule, the baseline will include the built-in rule instead.
      • The baseline is named <Prefix>.PolicyBaseline.All. i.e. Azure.PolicyBaseline.All by default.
      • For details see Policy as rules.
  • General improvements:
    • Rules that are ignored during exporting policy as rules are now generate a verbose logs by @BernieWhite.
      #2482
      • This is to improve transparency of why rules are not exported.
      • To see details on why a rule is ignored, enable verbose logging with -Verbose.
    • Policies that duplicate built-in rules can now be exported by using the -KeepDuplicates parameter by @BernieWhite.
      #2482
  • Bug fixes:

See change log.

Contributors

BernieWhite
Assets 2
Loading

v1.33.0-B0126

27 Jan 10:22
@BernieWhite BernieWhite
v1.33.0-B0126
973b766
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.33.0-B0126 Pre-release
Pre-release

What's changed since pre-release v1.33.0-B0088:

  • Bug fixes:
    • Fixed Azure.Template.TemplateFile to support with languageVersion 2.0 template properties by @MrRoundRobin.
      #2660

See change log.

Contributors

MrRoundRobin
Assets 2
Loading

v1.33.0-B0088

26 Jan 02:48
@BernieWhite BernieWhite
v1.33.0-B0088
9cd9b31
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.33.0-B0088 Pre-release
Pre-release

What's changed since pre-release v1.33.0-B0053:

  • New rules:
    • Dev Box:
  • Bug fixes:
    • Fixed Azure.VM.DiskSizeAlignment does not handle smaller sizes and ultra disks by @BernieWhite.
      #2656

See change log.

Contributors

BernieWhite
Assets 2
Loading

v1.33.0-B0053

17 Jan 01:45
@BernieWhite BernieWhite
v1.33.0-B0053
13b952d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.33.0-B0053 Pre-release
Pre-release

What's changed since pre-release v1.33.0-B0023:

  • New rules:
    • Databricks:
  • Engineering:
    • Bump xunit to v2.6.6.
      #2645
    • Bump BenchmarkDotNet to v0.13.12.
      #2636
    • Bump BenchmarkDotNet.Diagnostics.Windows to v0.13.12.
      #2636

See change log.

Contributors

batemansogq
Assets 2
Loading

v1.33.0-B0023

11 Jan 17:15
@BernieWhite BernieWhite
v1.33.0-B0023
62218d7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.33.0-B0023 Pre-release
Pre-release

What's changed since v1.32.1:

  • Updated rules:
    • Application Gateway:
      • Updated Azure.AppGwWAF.RuleGroups to use the rule sets by @BenjaminEngeset.
        #2629
        • The latest Bot Manager rule set is now 1.0.
        • The latest OWASP rule set is now 3.2.
    • Cognitive Services:
      • Relaxed Azure.Cognitive.ManagedIdentity to configurations that require managed identities by @BernieWhite.
        #2559
    • Virtual Machine:
      • Checks for Azure Hybrid Benefit Azure.VM.UseHybridUseBenefit are not enabled by default by @BernieWhite.
        #2493
        • To enable, set the AZURE_VM_USE_HYBRID_USE_BENEFIT option to true.
    • Virtual Network:
      • Added option for excluding subnets to Azure.VNET.UseNSGs by @BernieWhite.
        #2572
        • To add a subnet exclusion, set the AZURE_VNET_SUBNET_EXCLUDED_FROM_NSG option.
  • General improvements:
  • Engineering:
    • Bump xunit to v2.6.4.
      #2618
    • Bump xunit.runner.visualstudio to v2.5.6.
      #2619
  • Bug fixes:

See change log.

Contributors

BernieWhite and BenjaminEngeset
Assets 2
Loading

v1.32.1

18 Dec 08:06
@BernieWhite BernieWhite
v1.32.1
6d016be
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.32.1

What's changed since v1.32.0:

See change log.

Contributors

BernieWhite
Assets 2
Loading