last sync: 2023-Dec-06 18:52:29 UTC

Azure Landing Zones (ALZ) Policy definition

Storage Account set to minimum TLS and Secure transfer should be enabled

Source Repository Azure Landing Zones (ALZ) GitHub
JSON Deny-Storage-minTLS
Display name Storage Account set to minimum TLS and Secure transfer should be enabled
Id Deny-Storage-minTLS
Version 1.0.0
Details on versioning
Category Storage
Description Audit requirement of Secure transfer in your storage account. Secure transfer is an option that forces your storage account to accept requests only from secure connections (HTTPS). Use of HTTPS ensures authentication between the server and the service and protects data in transit from network layer attacks such as man-in-the-middle, eavesdropping, and session-hijacking
Mode Indexed
Type Custom Azure Landing Zones (ALZ)
Preview False
Deprecated False
Effect Default
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (2)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Storage/storageAccounts/minimumTlsVersion Microsoft.Storage storageAccounts properties.minimumTlsVersion true
Microsoft.Storage/storageAccounts/supportsHttpsTrafficOnly Microsoft.Storage storageAccounts properties.supportsHttpsTrafficOnly true
Rule resource types IF (1)
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State
Deny or Deploy and append TLS requirements and SSL enforcement on resources without Encryption in transit Enforce-EncryptTransit Encryption GA
History none
JSON compare n/a