
azure-storage-secure-xfer

Ensure that 'Secure transfer required' is set to 'Enabled'

All connections to the storage account should be made over encrypted channels to protect against man-in-the-middle attacks. When this option is enabled, any request that arrives over an insecure connection is rejected.

Examples

Insecure Example

resource "azurerm_storage_account" "example" {
  name                      = "examplestoraccount"
  resource_group_name       = azurerm_resource_group.example.name
  location                  = azurerm_resource_group.example.location
  account_tier              = "Standard"
  account_replication_type  = "LRS"
  # Accepts requests over plain HTTP (the default value is true)
  enable_https_traffic_only = false
  # Allows connections that negotiate TLS 1.0
  min_tls_version           = "TLS1_0"
}

Secure Example

resource "azurerm_storage_account" "example" {
  name                      = "examplestoraccount"
  resource_group_name       = azurerm_resource_group.example.name
  location                  = azurerm_resource_group.example.location
  account_tier              = "Standard"
  account_replication_type  = "LRS"
  # Rejects requests that arrive over plain HTTP
  enable_https_traffic_only = true
  # Refuses connections that negotiate anything older than TLS 1.2
  min_tls_version           = "TLS1_2"
}
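
A check for the two settings shown above, run against Terraform plan JSON before apply. This is an added example, not part of the original page or of the scanner that defines this rule; the function name and the sample plan are constructed, and the input shape assumed is that of `terraform show -json` (`resource_changes[].change.after`).

```python
import json

# Constructed sample, trimmed to the fields read below; same shape as the
# output of `terraform show -json <planfile>`.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "azurerm_storage_account.insecure",
     "type": "azurerm_storage_account",
     "change": {"actions": ["create"], "after": {
         "enable_https_traffic_only": False, "min_tls_version": "TLS1_0"}}},
    {"address": "azurerm_storage_account.secure",
     "type": "azurerm_storage_account",
     "change": {"actions": ["create"], "after": {
         "enable_https_traffic_only": True, "min_tls_version": "TLS1_2"}}},
    {"address": "azurerm_storage_account.old_tls",
     "type": "azurerm_storage_account",
     "change": {"actions": ["update"], "after": {
         "enable_https_traffic_only": True, "min_tls_version": "TLS1_1"}}},
    {"address": "azurerm_storage_account.retired",
     "type": "azurerm_storage_account",
     "change": {"actions": ["delete"], "after": None}},
    {"address": "azurerm_resource_group.example",
     "type": "azurerm_resource_group",
     "change": {"actions": ["create"], "after": {"location": "westeurope"}}},
]})

WEAK_TLS = {"TLS1_0", "TLS1_1"}  # values below the page's secure setting


def find_insecure_transfer(plan_json):
    """Return (address, reason) pairs for storage accounts in a plan."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        if rc.get("type") != "azurerm_storage_account":
            continue
        after = (rc.get("change") or {}).get("after")
        if not after:  # resource is being destroyed, nothing to check
            continue
        # Flag only an explicit false; an absent value is unknown at plan time.
        if after.get("enable_https_traffic_only") is False:
            findings.append((rc["address"], "enable_https_traffic_only is false"))
        tls = after.get("min_tls_version")
        if tls in WEAK_TLS:
            findings.append((rc["address"], f"min_tls_version is {tls}"))
    return findings


if __name__ == "__main__":
    for address, reason in find_insecure_transfer(SAMPLE_PLAN):
        print(f"FAIL {address}: {reason}")
```

In a pipeline, a non-empty result from `find_insecure_transfer` is the condition to fail the build on.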

More information