AzAdvertizer data changes detected

[avm-organizer]

Azure Advertizer Data Diff Report

Resource Type: microsoft.app/containerapps

New Advisor Recommendations:
- Authentication should be enabled on Azure Container Apps
- Azure Container Apps should not be exposed to the public internet unless required
- Managed identities assigned to Azure Container Apps should follow least privilege

Resource Type: microsoft.containerinstance/containergroups

New Advisor Recommendations:
- Azure Container Instances should not be publicly exposed
- Managed identities assigned to Azure Container Instances should follow least privilege

Resource Type: microsoft.network/azurefirewalls

New APRL Recommendations:
- Monitor "AZFW Latency Probe" metric

Resource Type: microsoft.security/awsresource

New Advisor Recommendations:
- Avoid the use of the "root" account
- IAM policies that allow full ":" administrative privileges should not be created
- ECS Fargate tasks should not be publicly exposed
- IAM task roles assigned to ECS Fargate tasks should follow least privilege
- ECS Fargate tasks should not run containers with elevated privileges

Resource Type: microsoft.workloads/virtualinstances/components

New Advisor Recommendations:
- Ensure PREFER_SITE_TAKEOVER is set to true for high availability (HA) SAP workloads on RHEL
- Ensure STONITH is enabled in the high availability (HA) configuration for SAP workloads on RHEL

[microsoft-github-policy-service]

Important

The "Needs: Triage 🔍" label must be removed once the triage process is complete!

Tip

For additional guidance on how to triage this issue/PR, see the AVM Issue Triage documentation.