Is Azure Container Apps PCI-DSS Compliant

Aleksejs Buzdins 21

Hi, could you please confirm if Azure Container Apps is PCI-DSS Compliant?

In the latest AoC there are no mentions of Azure Container Apps

NOTE: I have not found a tag for azure-container-apps so using azure-container-instances

ajkuma 22,086 Reputation points Microsoft Employee

2022-05-05T18:26:49.627+00:00

@Aleksejs Buzdins , Thanks for posting this good question.

I'm checking on this internally with our product engineering team and will get back to you shortly.

PS:
As for as the the tag', vipullag-MSFT has added the right tag. I have also relayed this feedback to the platform team.
·
ajkuma 22,086 Reputation points Microsoft Employee

2022-05-07T19:49:50.017+00:00

Following-up -

AleksejsBuzdins-6887, just clarifying, are you referring to Microsoft-azure-compliance-offerings page | Compliance Offering PDF and this offering-pci-dss or some other AoC doc?

As Azure Container Apps is in public preview right now, perhaps it's not listed in the PDF (above' URL). I' have relayed this feedback and started a discussion internally, I'll share more updates as soon as I hear from them.

-Also, check this doc: - “It is important to understand that PCI DSS compliance status for Azure, OneDrive for Business, and SharePoint Online does not automatically translate to PCI DSS certification for the services that customers build or host on these platforms. Customers are responsible for ensuring that they achieve compliance with PCI DSS requirements. “

I hope you have a great weekend!
Aleksejs Buzdins 21 Reputation points

2022-05-09T09:42:48.773+00:00

Hi, thank you for your response.

I was mentioning this link https://servicetrust.microsoft.com/ViewPage/MSComplianceGuideV3 > "PCI-DSS" > "Azure - PCI DSS 3.2.1 - 2022" document.

Thank you for your support and looking forward hearing from you!
ajkuma 22,086 Reputation points Microsoft Employee

2022-05-09T20:10:54.82+00:00

AleksejsBuzdins-6887, Thanks for sharing the URL. I'll follow-up with you as soon as I hear from our PG team. Much appreciated.
bogdanr 1 Reputation point

2022-05-18T10:46:50.003+00:00

Hello ! Any feedback on this from PG team ?
Jordan Chang 0 Reputation points

2023-11-07T18:54:43.9533333+00:00

Has ACA been included in the PCI AOC yet? ACA is no longer in public preview.
ajkuma 22,086 Reputation points Microsoft Employee

2023-11-13T10:44:40.3866667+00:00

Follow-up on this:

Azure Container Apps is included in the PCI DSS AOC.

Users can download the PCI DSS AOC from ServiceTrust Portal.

Accepted answer

ajkuma 22,086 Reputation points Microsoft Employee

2022-05-19T19:11:50.85+00:00

@Aleksejs Buzdins , Thanks for your patience and collaboration on this. To benefit the community, summarizing our offline discussion.

Azure Container Apps is not PCI DSS certified; this is a new service that is currently in Public Preview.
That said, that we’re always looking to increase the scope of Azure’s PCI certification and are continually reviewing services for inclusion into future assessments.

Please note that; as mentioned in this doc: - “It is important to understand that PCI DSS compliance status for Azure, OneDrive for Business, and SharePoint Online does not automatically translate to PCI DSS certification for the services that customers build or host on these platforms. Customers are responsible for ensuring that they achieve compliance with PCI DSS requirements. “
Please sign in to rate this answer.

0 comments No comments
Sign in to comment

Is Azure Container Apps PCI-DSS Compliant

0 additional answers