AzureDevOps project high builtIn

Description

Review inactive service connections and remove any that are no longer required. Inactive service connections must be removed to reduce the attack surface available to a malicious user. Learn more:
https://learn.microsoft.com/en-us/azure/devops/pipelines/library/service-endpoints
https://learn.microsoft.com/en-us/azure/devops/pipelines/security/resources

Recommendation

1. Navigate to Project Settings. 
2. Open the Service connections link under Pipelines. 
3. Select a service connection. 
4. Click on the Usage history tab and review the last run date.
5. Click on the three dots button (top right). 
6. Click on Delete.

Policy Rule

{
  "target": "ADOProjectServiceEndpointExecutionRecord",
  "if": {
    "allOf": [
      {
        "resource": "ADOProjectServiceEndpointExecutionRecord",
        "property": "Data.StartTime",
        "operator": "lessThanPeriodDays",
        "value": 180
      }
    ]
  },
  "then": {
    "effect": "Audit"
  }
}
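
The usage-history review from the Recommendation steps, applied to every service connection in a project in one pass. This is an added Python example, not part of the original policy or of the tool that evaluates it. It assumes execution history has been exported as records carrying `endpointId` and `data.startTime` (mirroring the rule's `Data.StartTime`), reads `lessThanPeriodDays` as "started more than 180 days ago", and goes beyond the rule by also flagging connections that have no recorded runs at all. All sample data is constructed.

```python
from datetime import datetime, timedelta, timezone

INACTIVITY_DAYS = 180  # "value" from the policy rule


def parse_time(value):
    """Parse a UTC timestamp such as 2024-03-10T09:00:00.1234567Z.

    Fractional seconds are dropped; the 'Z' (UTC) suffix is assumed.
    """
    base = value.rstrip("Z").split(".")[0]
    return datetime.fromisoformat(base).replace(tzinfo=timezone.utc)


def find_inactive(endpoints, records, now, days=INACTIVITY_DAYS):
    """Return [(name, last_run_or_None)] for connections with no run in `days` days."""
    cutoff = now - timedelta(days=days)
    last_run = {}
    for rec in records:
        start = rec.get("data", {}).get("startTime")
        if not start:
            continue  # record without a start time cannot prove recent use
        started = parse_time(start)
        eid = rec["endpointId"]
        if eid not in last_run or started > last_run[eid]:
            last_run[eid] = started
    inactive = []
    for ep in endpoints:
        latest = last_run.get(ep["id"])
        if latest is None or latest < cutoff:  # never used, or last used too long ago
            inactive.append((ep["name"], latest))
    return inactive


# Constructed sample data (hypothetical connection names and ids).
SAMPLE_ENDPOINTS = [
    {"id": "a", "name": "prod-azure-sub"},
    {"id": "b", "name": "legacy-azure-sub"},
    {"id": "c", "name": "unused-github"},
]
SAMPLE_RECORDS = [
    {"endpointId": "a", "data": {"startTime": "2024-01-01T08:00:00Z"}},
    {"endpointId": "a", "data": {"startTime": "2024-12-01T08:00:00.8533333Z"}},
    {"endpointId": "b", "data": {"startTime": "2024-03-10T09:00:00Z"}},
]

if __name__ == "__main__":
    now = datetime(2025, 1, 1, tzinfo=timezone.utc)
    for name, last in find_inactive(SAMPLE_ENDPOINTS, SAMPLE_RECORDS, now):
        print(name, last.isoformat() if last else "never used")
```

Connections reported as "never used" have no execution record for the rule to audit, so review them separately before deleting.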