azure-storage-secure-xfer¶
Ensure that 'Secure transfer required' is set to 'Enabled'
It is recommended to ensure that all connections to the storage account are done over encrypted channels in order to protect againt "man in the middle attacks". By enabling this option, any requests originating from an insecure connection are rejected.
Examples¶
Insecure Example
resource "azurerm_storage_account" "example" {
name = "examplestoraccount"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "LRS"
container_access_type = "container"
enable_https_traffic_only = false # (default value is true)
min_tls_version = "TLS1_0"
}
Secure Example
resource "azurerm_storage_account" "example" {
name = "examplestoraccount"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "LRS"
container_access_type = "private"
enable_https_traffic_only = true
min_tls_version = "TLS1_2"
}