Storage Account Not Forcing HTTPS
- Query id: 12944ec4-1fa0-47be-8b17-42a034f937c2
- Query name: Storage Account Not Forcing HTTPS
- Platform: Terraform
- Severity: Medium
- Category: Encryption
- CWE: 319
- URL: Github
Description¶
Storage Accounts should enforce the use of HTTPS
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "azurerm_storage_account" "positive1" {
name = "example1"
resource_group_name = data.azurerm_resource_group.example.name
location = data.azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "GRS"
enable_https_traffic_only = false
}
resource "azurerm_storage_account" "positive2" {
name = "example2"
resource_group_name = data.azurerm_resource_group.example.name
location = data.azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "GRS"
}
Code samples without security vulnerabilities¶
Negative test num. 1 - tf file
resource "azurerm_storage_account" "negative1" {
name = "example"
resource_group_name = data.azurerm_resource_group.example.name
location = data.azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "GRS"
enable_https_traffic_only = true
}