Storage Account Not Using Latest TLS Encryption Version

  • Query id: c62746cf-92d5-4649-9acf-7d48d086f2ee
  • Query name: Storage Account Not Using Latest TLS Encryption Version
  • Platform: Ansible
  • Severity: Medium
  • Category: Encryption
  • URL: Github

Description

Ensure Storage Account is using the latest version of TLS encryption
Documentation

Code samples

Code samples with security vulnerabilities

Postitive test num. 1 - yaml file
---
- name: Create an account with kind of FileStorage
  azure_rm_storageaccount:
    resource_group: myResourceGroup
    name: c1h0002
    type: Premium_LRS
    kind: FileStorage
    minimum_tls_version: TLS1_0
    tags:
      testing: testing
- name: Create a second account with kind of FileStorage
  azure_rm_storageaccount:
    resource_group: myResourceGroup
    name: clh0003
    type: Premium_LRS
    kind: FileStorage

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
- name: Create an account with kind of FileStorage
  azure_rm_storageaccount:
    resource_group: myResourceGroup
    name: c1h0002
    type: Premium_LRS
    kind: FileStorage
    minimum_tls_version: TLS1_2
    tags:
      testing: testing