last sync: 2020-Oct-30 14:31:57 UTC

Azure Policy definition

SQL Managed Instance should have the minimal TLS version of 1.2

Name SQL Managed Instance should have the minimal TLS version of 1.2
Azure Portal
Id a8793640-60f7-487c-b5c3-1d37215905c4
Version 1.0.1
details on versioning
Category SQL
Microsoft docs
Description Setting minimal TLS version to 1.2 improves security by ensuring your SQL Managed Instance can only be accessed from clients using TLS 1.2. Using versions of TLS less than 1.2 is not reccomended since they have well documented security vunerabilities.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Audit
Allowed: (Audit, Disabled)
Used RBAC Role none
History
Date/Time (UTC ymd) (i) Change type Change detail
2020-10-27 14:12:45 change Patch (1.0.0 > 1.0.1)
2020-07-14 15:28:17 add a8793640-60f7-487c-b5c3-1d37215905c4
Used in Initiatives none
JSON Changes

Json
{
  "properties": {
    "displayName": "SQL Managed Instance should have the minimal TLS version of 1.2",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Setting minimal TLS version to 1.2 improves security by ensuring your SQL Managed Instance can only be accessed from clients using TLS 1.2. Using versions of TLS less than 1.2 is not reccomended since they have well documented security vunerabilities.",
    "metadata": {
      "version": "1.0.1",
      "category": "SQL"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "Audit",
          "Disabled"
        ],
        "defaultValue": "Audit"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.Sql/managedInstances"
          },
          {
            "anyOf": [
              {
                "field": "Microsoft.Sql/managedInstances/minimalTlsVersion",
                "exists": false
              },
              {
                "field": "Microsoft.Sql/managedInstances/minimalTlsVersion",
                "notEquals": "1.2"
              }
            ]
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]"
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/a8793640-60f7-487c-b5c3-1d37215905c4",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "a8793640-60f7-487c-b5c3-1d37215905c4"
}