azure-storage-tls-version¶
Ensure Storage Account is using the latest version of TLS encryption
Setting a minimal TLS version ensures that subsequent, newer TLS versions are supported. It is recommended to set the minimal TLS version to 1.2, after testing to confirm your applications support it, because it includes fixes for vulnerabilities found in previous versions. It’s also the highest TLS version supported in Azure Storage.
Examples¶
Insecure Example
resource "azurerm_storage_account" "example" {
name = "examplestoraccount"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "LRS"
container_access_type = "container"
enable_https_traffic_only = false # (default value is true)
min_tls_version = "TLS1_0"
}
Secure Example
resource "azurerm_storage_account" "example" {
name = "examplestoraccount"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "LRS"
container_access_type = "private"
enable_https_traffic_only = true
min_tls_version = "TLS1_2"
}