September 05, 2024, Conformity—New Rule
Azure
- APIManagement-010: Use System-Assigned Managed Identities for Azure API Management Services: Ensure that your Azure API Management service instances are using system-assigned managed identities in order to allow secure access to other Microsoft Azure protected resources such as Azure Key Vaults. System-assigned managed identities minimizes risks, simplifies management, and maintains compliance with evolving cloud services.
- APIManagement-011: Use User-Assigned Managed Identities for Azure API Management Services: Ensure that your Azure API Management service instances are using user-assigned managed identities for fine-grained control over access permissions.