question

AleksejsBuzdins-6887 avatar image
0 Votes"
AleksejsBuzdins-6887 asked ajkuma-MSFT answered

Is Azure Container Apps PCI-DSS Compliant

Hi, could you please confirm if Azure Container Apps is PCI-DSS Compliant?

In the latest AoC there are no mentions of Azure Container Apps

NOTE: I have not found a tag for azure-container-apps so using azure-container-instances

azure-webapps
· 5
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@AleksejsBuzdins-6887, Thanks for posting this good question.

I'm checking on this internally with our product engineering team and will get back to you shortly.

PS:
As for as the the tag', vipullag-MSFT has added the right tag. I have also relayed this feedback to the platform team.
·

1 Vote 1 ·

Following-up -

AleksejsBuzdins-6887, just clarifying, are you referring to Microsoft-azure-compliance-offerings page | Compliance Offering PDF and this offering-pci-dss or some other AoC doc?

As Azure Container Apps is in public preview right now, perhaps it's not listed in the PDF (above' URL). I' have relayed this feedback and started a discussion internally, I'll share more updates as soon as I hear from them.

-Also, check this doc: - “It is important to understand that PCI DSS compliance status for Azure, OneDrive for Business, and SharePoint Online does not automatically translate to PCI DSS certification for the services that customers build or host on these platforms. Customers are responsible for ensuring that they achieve compliance with PCI DSS requirements. “

I hope you have a great weekend!

1 Vote 1 ·

Hi, thank you for your response.

I was mentioning this link https://servicetrust.microsoft.com/ViewPage/MSComplianceGuideV3 > "PCI-DSS" > "Azure - PCI DSS 3.2.1 - 2022" document.

Thank you for your support and looking forward hearing from you!



0 Votes 0 ·
Show more comments

1 Answer

ajkuma-MSFT avatar image
0 Votes"
ajkuma-MSFT answered

@AleksejsBuzdins-6887, Thanks for your patience and collaboration on this. To benefit the community, summarizing our offline discussion.


Azure Container Apps is not PCI DSS certified; this is a new service that is currently in Public Preview.
That said, that we’re always looking to increase the scope of Azure’s PCI certification and are continually reviewing services for inclusion into future assessments.

Please note that; as mentioned in this doc: - “It is important to understand that PCI DSS compliance status for Azure, OneDrive for Business, and SharePoint Online does not automatically translate to PCI DSS certification for the services that customers build or host on these platforms. Customers are responsible for ensuring that they achieve compliance with PCI DSS requirements. “

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.