last sync: 2024-Jun-14 18:20:16 UTC

SQL Managed Instance should have the minimal TLS version set to the highest version

Azure Landing Zones (ALZ) Policy definition

Source Repository Azure Landing Zones (ALZ) GitHub
JSON Deny-SqlMi-minTLS
Display name SQL Managed Instance should have the minimal TLS version set to the highest version
Id Deny-SqlMi-minTLS
Version 1.0.0
Details on versioning
Category SQL
Description Setting minimal TLS version to 1.2 improves security by ensuring your SQL Managed Instance can only be accessed from clients using TLS 1.2. Using versions of TLS less than 1.2 is not reccomended since they have well documented security vunerabilities.
Mode Indexed
Type Custom Azure Landing Zones (ALZ)
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Disabled, Deny
RBAC role(s) none
Rule aliases IF (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Sql/managedInstances/minimalTlsVersion Microsoft.Sql managedInstances properties.minimalTlsVersion false
Rule resource types IF (1)
Microsoft.Sql/managedInstances
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State
[Deprecated]: Deny or Deploy and append TLS requirements and SSL enforcement on resources without Encryption in transit Enforce-EncryptTransit Encryption Deprecated
Deny or Deploy and append TLS requirements and SSL enforcement on resources without Encryption in transit Enforce-EncryptTransit_20240509 Encryption GA
History none
JSON compare n/a
JSON
EPAC