PSRule.Rules.Azure Versions Save

Rules to validate Azure resources and infrastructure as code (IaC) using PSRule.

v1.37.0-B0009

12 hours ago

What's changed since v1.36.0:

  • New rules:
    • Cosmos DB:
      • Check that database accounts use a paid tier by @BernieWhite. #2845
  • Updated rules:
    • Deployment:
      • Add additional exclusions for Azure.Deployment.SecureParameter by @BernieWhite. #2857
  • General improvements:
    • Quality updates to documentation by @BernieWhite. #2570
  • Bug fixes:
    • Fixed dependency ordering for cross scope deployments by @BernieWhite. #2850

See change log.

v1.36.0

1 week ago

What's changed since v1.35.3:

  • New rules:
    • Container App:
      • Check that Container Apps have a minimum number of replicas by @BernieWhite. #2790
      • Check that Container App environments are zone redundant by @BernieWhite. #2791
    • Cosmos DB:
      • Check that database accounts only accept a minimum of TLS 1.2 by @BernieWhite. #2809
    • Entra Domain Services:
      • Check that instances use a minimum version of NTLM by @BernieWhite. #2837
      • Check that instances use a minimum version of TLS by @BernieWhite. #2837
      • Check that instances do not use RC4 encryption by @BernieWhite. #2837
  • General improvements:
    • Important change: Deprecated rules with no clear WAF alignment by @BernieWhite. #2493
      • The following rules are deprecated:
        • Azure.Template.UseParameters
        • Azure.Template.UseVariables
        • Azure.Template.DefineParameters
        • Azure.Template.ValidSecretRef
      • These rules have been deprecated and will be removed in v2.
    • Quality updates to documentation by @lukemurraynz @BernieWhite. #2789 #2570
    • Additional policies added to default ignore list by @BernieWhite. #1731
  • Bug fixes:
    • Fixed not found warning when exporting firewall policy signatureOverrides by @BernieWhite. #2806
    • Fixed Azure.Storage.UseReplication to allow for zone-redundant replication by @sebassem. #2827
    • Fixed nested usage of listKeys mocks by @BernieWhite. #2829

What's changed since pre-release v1.36.0-B0077:

  • General improvements:
    • Quality updates to documentation by @BernieWhite. #2570

See change log.

v1.36.0-B0077

1 week ago

What's changed since pre-release v1.36.0-B0046:

  • New rules:
    • Entra Domain Services:
      • Check that instances use a minimum version of NTLM by @BernieWhite. #2837
      • Check that instances use a minimum version of TLS by @BernieWhite. #2837
      • Check that instances do not use RC4 encryption by @BernieWhite. #2837
  • General improvements:
    • Important change: Deprecated rules with no clear WAF alignment by @BernieWhite. #2493
      • The following rules are deprecated:
        • Azure.Template.UseParameters
        • Azure.Template.UseVariables
        • Azure.Template.DefineParameters
        • Azure.Template.ValidSecretRef
      • These rules have been deprecated and will be removed in v2.

See change log.

v1.36.0-B0046

1 week ago

What's changed since pre-release v1.36.0-B0020:

  • Bug fixes:
    • Fixed Azure.Storage.UseReplication to allow for zone-redundant replication by @sebassem. #2827
    • Fixed nested usage of listKeys mocks by @BernieWhite. #2829

See change log.

v1.36.0-B0020

3 weeks ago

What's changed since v1.35.3:

  • New rules:
    • Container App:
      • Check that Container Apps have a minimum number of replicas by @BernieWhite. #2790
      • Check that Container App environments are zone redundant by @BernieWhite. #2791
    • Cosmos DB:
      • Check that database accounts only accept a minimum of TLS 1.2 by @BernieWhite. #2809
  • General improvements:
    • Quality updates to documentation by @lukemurraynz @BernieWhite. #2789 #2570
    • Additional policies added to default ignore list by @BernieWhite. #1731
  • Bug fixes:
    • Fixed not found warning when exporting firewall policy signatureOverrides by @BernieWhite. #2806

See change log.

v1.35.3

4 weeks ago

What's changed since v1.35.2:

  • Bug fixes:
    • Fixed false positive with load balancers that use a public IP by @BernieWhite. #2814

See change log.

v1.35.2

1 month ago

What's changed since v1.35.1:

  • Bug fixes:
    • Fixed regression when handing ambiguous mock array outputs by @BernieWhite. #2801

See change log.

v1.35.1

1 month ago

What's changed since v1.35.0:

  • Bug fixes:
    • Fixed null parameter overrides default value by @BernieWhite. #2795

See change log.

v1.35.0

1 month ago

What's changed since v1.34.2:

  • New features:
    • Added WAF pillar specific baselines by @BernieWhite. #1633 #2752
      • Use pillar specific baselines to target a specific area of the Azure Well-Architected Framework.
      • The following baselines have been added:
        • Azure.Pillar.CostOptimization
        • Azure.Pillar.OperationalExcellence
        • Azure.Pillar.PerformanceEfficiency
        • Azure.Pillar.Reliability
        • Azure.Pillar.Security
    • Added March 2024 baselines Azure.GA_2024_03 and Azure.Preview_2024_03 by @BernieWhite. #2781
      • Includes rules released before or during March 2024.
      • Marked Azure.GA_2023_12 and Azure.Preview_2023_12 baselines as obsolete.
  • Updated rules:
    • Updated Azure.AppService.NETVersion to detect out of date .NET versions including .NET 5/6/7 by @BernieWhite. #2766
      • Bumped rule set to 2024_03.
    • Updated Azure.AppService.PHPVersion to detect out of date PHP versions before 8.2 by @BernieWhite. #2768
      • Fixed Azure.AppService.PHPVersion check fails when phpVersion is null.
      • Bumped rule set to 2024_03.
    • Updated Azure.AKS.Version to use 1.27.9 as the minimum version by @BernieWhite. #2771
  • General improvements:
    • Renamed Cognitive Services rules to Azure AI by @BernieWhite. #2776
      • Rules that were previously named Azure.Cognitive.* have been renamed to Azure.AI.*.
      • For each rule that has been renamed, an alias has been added to reference the old name.
    • Improved export of in-flight data for Event Grid and Azure Firewall Policies by @BernieWhite. #2774
    • Additional policies added to default ignore list by @BernieWhite. #1731
    • Quality updates to rule documentation by @BernieWhite. #2570 #1243 #2757
      • Add rule severity to rule documentation pages.
      • Add documentation redirects for renamed rules.
    • Updated links to learn.microsoft.com (from docs.microsoft.com) by @lukemurraynz. #2785
  • Engineering:
    • Bump coverlet.collector to v6.0.2. #2754
  • Bug fixes:
    • Fixed false negative from Azure.LB.AvailabilityZone when zone list is empty or null by @jtracey93. #2759
    • Fixed failed to expand JObject value with invalid key by @BernieWhite. #2751

What's changed since pre-release v1.35.0-B0116:

  • General improvements:
    • Updated links to learn.microsoft.com (from docs.microsoft.com) by @lukemurraynz. #2785

See change log.

v1.35.0-B0116

1 month ago

What's changed since pre-release v1.35.0-B0084:

  • New features:
    • Added March 2024 baselines Azure.GA_2024_03 and Azure.Preview_2024_03 by @BernieWhite. #2781
      • Includes rules released before or during March 2024.
      • Marked Azure.GA_2023_12 and Azure.Preview_2023_12 baselines as obsolete.
  • General improvements:
    • Renamed Cognitive Services rules to Azure AI by @BernieWhite. #2776
      • Rules that were previously named Azure.Cognitive.* have been renamed to Azure.AI.*.
      • For each rule that has been renamed, an alias has been added to reference the old name.

See change log.