How to set minimum TLS version
How can we set the minimum TLS version to 1.2 and the network connectivity to Public endpoint (selected networks) when creating a storage account through Terraform?
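Here is an example of network rules usage for azurerm_storage_account. To set the minimum TLS version to 1.2, you can use the block min_tls_version. By default, the block network_rules is for the public endpoint of the storage account. You can select to allow or deny some networks.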
resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "West Europe"
}

resource "azurerm_virtual_network" "example" {
  name                = "virtnetname"
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
}

resource "azurerm_subnet" "example" {
  name                 = "subnetname"
  resource_group_name  = azurerm_resource_group.example.name
  virtual_network_name = azurerm_virtual_network.example.name
  address_prefix       = "10.0.2.0/24"
  service_endpoints    = ["Microsoft.Sql", "Microsoft.Storage"]
}

resource "azurerm_storage_account" "example" {
  name                     = "storageaccountname123"
  resource_group_name      = azurerm_resource_group.example.name
  location                 = azurerm_resource_group.example.location
  account_tier             = "Standard"
  account_replication_type = "LRS"

  # Minimum TLS version accepted by the storage account
  min_tls_version = "TLS1_2"

  # Public endpoint restricted to selected networks:
  # deny by default, allow only the listed IP and subnet
  network_rules {
    default_action             = "Deny"
    ip_rules                   = ["100.0.0.1"]
    virtual_network_subnet_ids = [azurerm_subnet.example.id]
  }

  tags = {
    environment = "staging"
  }
}
Result
Version
You can check the Terraform version, or you can upgrade to the latest Terraform via https://www.terraform.io/downloads.html
Provider
provider "azurerm" {
  subscription_id = var.subscription_id
  client_id       = var.client_id
  client_secret   = var.client_secret
  tenant_id       = var.tenant_id
  features {}
}
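As an added example (not part of the original answer), the following check reads the JSON form of a Terraform plan and flags any azurerm_storage_account that would not end up with min_tls_version set to "TLS1_2" and a network_rules default_action of "Deny". The sample plan is constructed for illustration and the function name audit_storage_accounts is hypothetical.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output,
# trimmed to the fields this check reads. Not output from a real run.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "azurerm_storage_account.example",
   "type": "azurerm_storage_account",
   "change": {"actions": ["create"], "after": {
     "min_tls_version": "TLS1_2",
     "network_rules": [{"default_action": "Deny", "ip_rules": ["100.0.0.1"]}]}}},
  {"address": "azurerm_storage_account.legacy",
   "type": "azurerm_storage_account",
   "change": {"actions": ["create"], "after": {
     "min_tls_version": "TLS1_0",
     "network_rules": [{"default_action": "Allow", "ip_rules": []}]}}},
  {"address": "azurerm_storage_account.old",
   "type": "azurerm_storage_account",
   "change": {"actions": ["delete"], "after": null}}
]}
""")


def audit_storage_accounts(plan):
    """Return (address, problem) pairs for storage accounts in a plan."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "azurerm_storage_account":
            continue
        after = rc.get("change", {}).get("after")
        if after is None:  # resource is being destroyed, nothing to check
            continue
        addr = rc["address"]
        if after.get("min_tls_version") != "TLS1_2":
            findings.append((addr, "min_tls_version is not TLS1_2"))
        # Nested blocks appear as a list in plan JSON; accept a dict as well.
        rules = after.get("network_rules") or []
        if isinstance(rules, dict):
            rules = [rules]
        if not any(r.get("default_action") == "Deny" for r in rules):
            findings.append((addr, "network_rules default_action is not Deny"))
    return findings


if __name__ == "__main__":
    for address, problem in audit_storage_accounts(SAMPLE_PLAN):
        print(f"{address}: {problem}")
```

Against a real plan, load the output of `terraform show -json` on a saved plan file with `json.load` and pass it to the function in place of the sample.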