last sync: 2020-Oct-30 14:31:57 UTC

Azure Policy definition

Azure SQL Database should have the minimal TLS version of 1.2

Name Azure SQL Database should have the minimal TLS version of 1.2
Azure Portal
Id 32e6bbec-16b6-44c2-be37-c5b672d103cf
Version 1.0.1
details on versioning
Category SQL
Microsoft docs
Description Setting minimal TLS version to 1.2 improves security by ensuring your Azure SQL Database can only be accessed from clients using TLS 1.2. Using versions of TLS less than 1.2 is not reccomended since they have well documented security vunerabilities.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Audit
Allowed: (Audit, Disabled)
Used RBAC Role none
History
Date/Time (UTC ymd) (i) Change type Change detail
2020-10-27 14:12:45 change Patch (1.0.0 > 1.0.1)
2020-07-14 15:28:17 add 32e6bbec-16b6-44c2-be37-c5b672d103cf
Used in Initiatives none
JSON Changes

Json
{
  "properties": {
    "displayName": "Azure SQL Database should have the minimal TLS version of 1.2",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Setting minimal TLS version to 1.2 improves security by ensuring your Azure SQL Database can only be accessed from clients using TLS 1.2. Using versions of TLS less than 1.2 is not reccomended since they have well documented security vunerabilities.",
    "metadata": {
      "version": "1.0.1",
      "category": "SQL"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "Audit",
          "Disabled"
        ],
        "defaultValue": "Audit"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.Sql/servers"
          },
          {
            "anyOf": [
              {
                "field": "Microsoft.Sql/servers/minimalTlsVersion",
                "exists": false
              },
              {
                "field": "Microsoft.Sql/servers/minimalTlsVersion",
                "notEquals": "1.2"
              }
            ]
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]"
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/32e6bbec-16b6-44c2-be37-c5b672d103cf",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "32e6bbec-16b6-44c2-be37-c5b672d103cf"
}