| Source | Azure Portal | ||||||||||||||
| Display name | CORS should not allow every domain to access your FHIR Service | ||||||||||||||
| Id | fe1c9040-c46a-4e81-9aea-c7850fbb3aa6 | ||||||||||||||
| Version | 1.1.0 Details on versioning |
||||||||||||||
| Versioning |
Versions supported for Versioning: 1 1.1.0 Built-in Versioning [Preview] |
||||||||||||||
| Category | Healthcare APIs Microsoft Learn |
||||||||||||||
| Description | Cross-Origin Resource Sharing (CORS) should not allow all domains to access your FHIR Service. To protect your FHIR Service, remove access for all domains and explicitly define the domains allowed to connect. | ||||||||||||||
| Cloud environments | AzureCloud = true AzureUSGovernment = unknown AzureChinaCloud = unknown |
||||||||||||||
| Available in AzUSGov | Unknown, no evidence if Policy definition is/not available in AzureUSGovernment | ||||||||||||||
| Mode | Indexed | ||||||||||||||
| Type | BuiltIn | ||||||||||||||
| Preview | False | ||||||||||||||
| Deprecated | False | ||||||||||||||
| Effect | Default Audit Allowed audit, Audit, disabled, Disabled |
||||||||||||||
| RBAC role(s) | none | ||||||||||||||
| Rule aliases | IF (1)
|
||||||||||||||
| Rule resource types | IF (1) |
||||||||||||||
| Compliance | Not a Compliance control | ||||||||||||||
| Initiatives usage | none | ||||||||||||||
| History |
|
||||||||||||||
| JSON compare |
compare mode:
version left:
version right:
|
||||||||||||||
| JSON |
|