The configured minimum TLS version is not the latest version

ID

azure_storage_account_tls_version

Severity

high

Vendor

Azure

Resource

Network

Tags

asvs50-v12.1.1, reachable

Description

The configured minimum TLS version is not the latest version. The most secure TLS version is the latest. To configure this use the property: minimum_tls_version. The default value is TLS1_0.

Learn more about this topic at Azure Storage Account TLS.

Examples

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: create an account
      azure_rm_storageaccount:
        resource_group: myResourceGroup
        name: clh0002
        type: Standard_RAGRS
        minimum_tls_version: TLS1_0
        tags:
          testing: testing
          delete: on-exit

Mitigation / Fix

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: create an account
      azure_rm_storageaccount:
        resource_group: myResourceGroup
        name: clh0002
        type: Standard_RAGRS
        minimum_tls_version: TLS1_2
        tags:
          testing: testing
          delete: on-exit