CODEWITHSUNDEEP
azuretls1.2azure-storage-account
onkeliroh
onkeliroh

Reputation: 1713

Azure StorageAccount minimum TLS1.2 support

I use ARM to define my resources in Azure. Now i want to define the minimum supported TLS Version within my ARM Template for a StorageAccount.

Usually i just edit the resource via the dashboard and export the generated ARM Template to then look for the new change. Unfortunately for the TLS Version this does not seam to be a part of the ARM Template definition. I also can not find any mention in the Schema definition -> https://github.com/Azure/azure-resource-manager-schemas/blob/master/schemas/2019-06-01/Microsoft.Storage.json

Does anyone know how i can for the minimum TLS Version to be no less than 1.2 during or directly after the resource deployment?

Upvotes: 1

Views: 3429

Answers (1)

Daniel Björk
Daniel Björk

Reputation: 2507

I just created a Storage account with tls 1.2 and i can see this in the template:

"minimumTlsVersion": "[parameters('minimumTlsVersion')]",

And the parameter value is:

    "minimumTlsVersion": {
        "value": "TLS1_2"
    },

This is the full template

{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
    "location": {
        "type": "string"
    },
    "storageAccountName": {
        "type": "string"
    },
    "accountType": {
        "type": "string"
    },
    "kind": {
        "type": "string"
    },
    "accessTier": {
        "type": "string"
    },
    "minimumTlsVersion": {
        "type": "string"
    },
    "supportsHttpsTrafficOnly": {
        "type": "bool"
    },
    "allowBlobPublicAccess": {
        "type": "bool"
    },
    "networkAclsBypass": {
        "type": "string"
    },
    "networkAclsDefaultAction": {
        "type": "string"
    }
},
"variables": {},
"resources": [
    {
        "name": "[parameters('storageAccountName')]",
        "type": "Microsoft.Storage/storageAccounts",
        "apiVersion": "2019-06-01",
        "location": "[parameters('location')]",
        "properties": {
            "accessTier": "[parameters('accessTier')]",
            "minimumTlsVersion": "[parameters('minimumTlsVersion')]",
            "supportsHttpsTrafficOnly": "[parameters('supportsHttpsTrafficOnly')]",
            "allowBlobPublicAccess": "[parameters('allowBlobPublicAccess')]",
            "networkAcls": {
                "bypass": "[parameters('networkAclsBypass')]",
                "defaultAction": "[parameters('networkAclsDefaultAction')]",
                "ipRules": []
            }
        },
        "dependsOn": [],
        "sku": {
            "name": "[parameters('accountType')]"
        },
        "kind": "[parameters('kind')]",
        "tags": {}
    }
],
"outputs": {}

}

Upvotes: 2

Related Questions