Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

set's min TLS version for azure storage account to TLS 1.2 #2522

Merged
merged 2 commits into from
Jun 20, 2024
Merged

set's min TLS version for azure storage account to TLS 1.2 #2522

merged 2 commits into from
Jun 20, 2024

Conversation

dcmcand
Copy link
Contributor

@dcmcand dcmcand commented Jun 18, 2024

Reference Issues or PRs

fixes #2521

What does this implement/fix?

Put a x in the boxes that apply

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds a feature)
  • Breaking change (fix or feature that would cause existing features not to work as expected)
  • Documentation Update
  • Code style update (formatting, renaming)
  • Refactoring (no functional changes, no API changes)
  • Build related changes
  • Other (please describe): Security update

@dcmcand dcmcand added needs: review 👀 This PR is complete and ready for reviewing area: security 🔐 labels Jun 18, 2024
pt247
pt247 approved these changes Jun 20, 2024
View reviewed changes
Copy link
Contributor

@pt247 pt247 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

Detailed notes

In the Azure provider we are using 1.2 is the default. And come Nov 24 it will become the minimum (docs).

Also, as this is for saving Terraform state, we do not need to configure clients to use TLS 1.2. (docs)

According to AzureRM Provider Version v3.0 docs about azurerm_storage_account: The default value for the field min_tls_version will change from TLS1_0 to TLS1_2.

We have been using Version v3.0 since late 2022 (PR) when we release release 2022.10.1 came out. As the release notes say, this was a breaking release. So we are good.

@dcmcand dcmcand merged commit 9baab7e into develop Jun 20, 2024
28 checks passed
@dcmcand dcmcand deleted the tls-1-2-min-azure-storage branch June 20, 2024 14:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pt247 pt247 pt247 approved these changes

@Adam-D-Lewis Adam-D-Lewis Awaiting requested review from Adam-D-Lewis

@marcelovilla marcelovilla Awaiting requested review from marcelovilla

@viniciusdc viniciusdc Awaiting requested review from viniciusdc

Assignees
No one assigned
Labels
area: security 🔐 needs: review 👀 This PR is complete and ready for reviewing
Projects
🪴 Nebari Project Management
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

The minimum TLS version for Storage Accounts should be TLS1_2
2 participants
@dcmcand @pt247