Risk Level: High
Cloud Entity: Spring Cloud
CloudGuard Rule ID: D9.AZU.CRY.31
Covered by Spectral: Yes
Category: Compute

SpringCloud should have apps contain [ properties.httpsOnly=true ]

REMEDIATION

From Portal

From TF
Set the 'https_only' argument to 'true':

resource "azurerm_spring_cloud_app" "example" {
	..
	https_only = true
	..
}

From Command Line
Run

az spring-cloud app update --https-only --name APP-NAME --resource-group RESOURCE-GROUP --service SPRING-CLOUD-SERVICE

References

Spring Cloud

Azure Spring Cloud makes it easy to deploy Spring Boot applications to Azure without any code changes.