Ensure Minimum TLS Encryption Version For Storage Account

Azure Storage sets the minimum TLS version to be version 1.0 by default. TLS 1.0 is a legacy version and has known vulnerabilities. You should configure this minimum TLS version to be equal to or later than TLS 1.2.

Suggest Edits

Risk Level: medium
Cloud Entity: Azure
Spectral Rule ID: TFAZUR068

REMEDIATION

set min_tls_version

resource "azurerm_storage_account" "example" {
	+ min_tls_version = "TLS1_2"
}

References:

https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#min_tls_version
https://learn.microsoft.com/en-us/azure/storage/common/transport-layer-security-configure-minimum-version?tabs=portal

Azure Storage Account

An Azure storage account provides a unique namespace to store and access your Azure Storage data objects. All objects in a storage account are billed together as a group. By default, the data in your account is available only to you, the account owner.

Updated about 1 year ago