AzPolicyAdvertizer

last sync: 2025-Jun-13 17:23:19 UTC

[Deprecated]: Latest TLS version should be used in your API App

Azure BuiltIn Policy definition

Source Azure Portal
Display name [Deprecated]: Latest TLS version should be used in your API App
Id 8cb6aa8b-9e41-4f4e-aa25-089a7ac2581e
Version 1.0.0-deprecated
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0 (1.0.0-deprecated)
Built-in Versioning [Preview]
Category App Service
Microsoft Learn
Description Upgrade to the latest TLS version. We recommend all customers who are still using API Apps to implement the built-in policy called 'App Service apps should use the latest TLS version', which is scoped to include API apps in addition to Web Apps.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Assessment(s) Assessments count: 1
Assessment Id: 5a659d57-117d-bb18-65f6-54e51da1bb9b
DisplayName: TLS should be updated to the latest version for API apps
Description: The Transport Layer Security (TLS) protocol provides secure communication between web applications and servers.
Using outdated versions of TLS can expose the system to vulnerabilities and potential attacks.
By updating to the latest version, you can ensure the highest level of security for your API apps.

Remediation description: To update your API app to the latest TLS version:
1. Navigate to Azure App Service 2. Select TLS/SSL settings 3. Under the Protocol Settings section, choose the latest Minimum TLS Version.
For more information on managing TLS/SSL settings, visit here: https://aka.ms/add-tls
Categories: AppServices
Severity: High
preview: True
Mode Indexed
Type BuiltIn
Preview False
Deprecated True
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Web/sites/config/minTlsVersion Microsoft.Web sites/config properties.minTlsVersion True False
Rule resource types IF (1)
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-07-01 16:32:34 change Version remains equal, new suffix: deprecated (1.0.0 > 1.0.0-deprecated)
2019-10-29 23:04:36 add 8cb6aa8b-9e41-4f4e-aa25-089a7ac2581e
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC