Storage Account Not Forcing HTTPS
- Query id: 2c99a474-2a3c-4c17-8294-53ffa5ed0522
- Query name: Storage Account Not Forcing HTTPS
- Platform: Ansible
- Severity: High
- Category: Encryption
- URL: Github
Description¶
Storage Accounts should enforce the use of HTTPS
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
---
- name: create an account
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
tags:
testing: testing
delete: on-exit
- name: create an account2
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: false
tags:
testing: testing
delete: on-exit
- name: create an account3
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: False
tags:
testing: testing
delete: on-exit
- name: create an account4
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: no
tags:
testing: testing
delete: on-exit
- name: create an account5
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: No
tags:
testing: testing
delete: on-exit
- name: create an account6
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: "false"
tags:
testing: testing
delete: on-exit
- name: create an account7
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: "False"
tags:
testing: testing
delete: on-exit
- name: create an account8
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: "no"
tags:
testing: testing
delete: on-exit
- name: create an account9
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: "No"
tags:
testing: testing
delete: on-exit
Code samples without security vulnerabilities¶
Negative test num. 1 - yaml file
- name: create an account
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: yes
tags:
testing: testing
delete: on-exit
- name: create an account2
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: true
tags:
testing: testing
delete: on-exit
- name: create an account3
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: true
tags:
testing: testing
delete: on-exit
- name: create an account4
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: 'true'
tags:
testing: testing
delete: on-exit
- name: create an account5
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: 'True'
tags:
testing: testing
delete: on-exit
- name: create an account6
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: yes
tags:
testing: testing
delete: on-exit
- name: create an account7
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: Yes
tags:
testing: testing
delete: on-exit
- name: create an account8
azure.azcollection.azure_rm_storageaccount:
resource_group: myResourceGroup
name: clh0002
type: Standard_RAGRS
https_only: Yes
tags:
testing: testing
delete: on-exit