AzPolicyAdvertizer

last sync: 2023-Dec-06 18:52:29 UTC

Azure Landing Zones (ALZ) Policy definition

Storage Account set to minimum TLS and Secure transfer should be enabled

Source

Repository Azure Landing Zones (ALZ) GitHub
JSON Deny-Storage-minTLS

Display name

Storage Account set to minimum TLS and Secure transfer should be enabled

Deny-Storage-minTLS

Version

1.0.0
Details on versioning

Category

Storage

Description

Audit requirement of Secure transfer in your storage account. Secure transfer is an option that forces your storage account to accept requests only from secure connections (HTTPS). Use of HTTPS ensures authentication between the server and the service and protects data in transit from network layer attacks such as man-in-the-middle, eavesdropping, and session-hijacking

Mode

Indexed

Type

Custom Azure Landing Zones (ALZ)

Preview

False

Deprecated

False

Effect

Default
Deny
Allowed
Audit, Deny, Disabled

RBAC role(s)

none

Rule aliases

IF (2)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Storage/storageAccounts/minimumTlsVersion	Microsoft.Storage	storageAccounts	properties.minimumTlsVersion	true
Microsoft.Storage/storageAccounts/supportsHttpsTrafficOnly	Microsoft.Storage	storageAccounts	properties.supportsHttpsTrafficOnly	true

Rule resource types

IF (1)
Microsoft.Storage/storageAccounts

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State
Deny or Deploy and append TLS requirements and SSL enforcement on resources without Encryption in transit	Enforce-EncryptTransit	Encryption	GA

History

none

JSON compare

n/a

JSON

EPAC