last sync: 2021-May-14 16:08:20 UTC

Azure Policy definition

SQL Managed Instance should have the minimal TLS version of 1.2

Name SQL Managed Instance should have the minimal TLS version of 1.2
Azure Portal
Id a8793640-60f7-487c-b5c3-1d37215905c4
Version 1.0.1
details on versioning
Category SQL
Microsoft docs
Description Setting minimal TLS version to 1.2 improves security by ensuring your SQL Managed Instance can only be accessed from clients using TLS 1.2. Using versions of TLS less than 1.2 is not recommended since they have well documented security vulnerabilities.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Audit
Allowed: (Audit, Disabled)
Used RBAC Role none
History
Date/Time (UTC ymd) (i) Change type Change detail
2020-10-27 14:12:45 change Patch (1.0.0 > 1.0.1) *changes on text case sensitivity are not tracked
2020-07-14 15:28:17 add a8793640-60f7-487c-b5c3-1d37215905c4
Used in Initiatives none
JSON Changes

JSON
{
  "properties": {
    "displayName": "SQL Managed Instance should have the minimal TLS version of 1.2",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Setting minimal TLS version to 1.2 improves security by ensuring your SQL Managed Instance can only be accessed from clients using TLS 1.2. Using versions of TLS less than 1.2 is not recommended since they have well documented security vulnerabilities.",
    "metadata": {
      "version": "1.0.1",
      "category": "SQL"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "Audit",
          "Disabled"
        ],
        "defaultValue": "Audit"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.Sql/managedInstances"
          },
          {
            "anyOf": [
              {
                "field": "Microsoft.Sql/managedInstances/minimalTlsVersion",
                "exists": false
              },
              {
                "field": "Microsoft.Sql/managedInstances/minimalTlsVersion",
                "notEquals": "1.2"
              }
            ]
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]"
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/a8793640-60f7-487c-b5c3-1d37215905c4",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "a8793640-60f7-487c-b5c3-1d37215905c4"
}