DOS1310

Enable Advanced Security for new Repositories

DOS1310

AzureDevOps project high builtIn

Description

Automatically enable Advanced Security for new repositories. New repositories in this project will be initialized with Advanced Security enabled by default. Advanced Security can be disabled on a repository at any time. Advanced Security is billed based on the number of unique active committers across all enabled repositories in your subscription. Learn more: https://learn.microsoft.com/en-us/azure/devops/repos/security/configure-github-advanced-security-features

Recommendation

1. Go to Project Settings. 
2. Select Repos -> Repositories. 
3. Select the Settings tab. 
4. Turn 'On' the setting 'Automatically enable Advanced Security for new repositories'.

Policy Rule

{
  "target": "ADOProjectAdvancedSecurityEnablement",
  "if": {
    "allOf": [
      {
        "resource": "ADOProjectAdvancedSecurityEnablement",
        "property": "EnableOnCreate",
        "operator": "equals",
        "value": true
      }
    ]
  },
  "then": {
    "effect": "Audit"
  }
}
« DOS1300 DOS1320 »
Rule Details
  • Rule ID: DOS1310
  • Code: ADO_Project_AdvancedSecurity_Enable_For_New_Repos
  • Platform: AzureDevOps
  • Category: project
  • Severity: high
  • Type: builtIn
Related Rules

Copyright © DevOps Shield. All Rights Reserved. Privacy Policy | Cookie Policy | Terms and Conditions