Azure 存储帐户最低 TLS1.2 支持
Azure StorageAccount minimum TLS1.2 support
我使用 ARM 在 Azure 中定义我的资源。现在我想在我的 ARM 模板中为 StorageAccount 定义支持的最低 TLS 版本。
通常我只是通过仪表板编辑资源并导出生成的 ARM 模板,然后寻找新的更改。不幸的是,对于 TLS 版本,这不会成为 ARM 模板定义的一部分。
我也找不到架构定义中的任何提及 -> https://github.com/Azure/azure-resource-manager-schemas/blob/master/schemas/2019-06-01/Microsoft.Storage.json
有谁知道我怎样才能在资源部署期间或资源部署后立即使最低 TLS 版本不低于 1.2?
我刚刚使用 tls 1.2 创建了一个存储帐户,我可以在模板中看到它:
"minimumTlsVersion": "[参数('minimumTlsVersion')]",
且参数值为:
"minimumTlsVersion": {
"value": "TLS1_2"
},
这是完整的模板
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string"
},
"storageAccountName": {
"type": "string"
},
"accountType": {
"type": "string"
},
"kind": {
"type": "string"
},
"accessTier": {
"type": "string"
},
"minimumTlsVersion": {
"type": "string"
},
"supportsHttpsTrafficOnly": {
"type": "bool"
},
"allowBlobPublicAccess": {
"type": "bool"
},
"networkAclsBypass": {
"type": "string"
},
"networkAclsDefaultAction": {
"type": "string"
}
},
"variables": {},
"resources": [
{
"name": "[parameters('storageAccountName')]",
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2019-06-01",
"location": "[parameters('location')]",
"properties": {
"accessTier": "[parameters('accessTier')]",
"minimumTlsVersion": "[parameters('minimumTlsVersion')]",
"supportsHttpsTrafficOnly": "[parameters('supportsHttpsTrafficOnly')]",
"allowBlobPublicAccess": "[parameters('allowBlobPublicAccess')]",
"networkAcls": {
"bypass": "[parameters('networkAclsBypass')]",
"defaultAction": "[parameters('networkAclsDefaultAction')]",
"ipRules": []
}
},
"dependsOn": [],
"sku": {
"name": "[parameters('accountType')]"
},
"kind": "[parameters('kind')]",
"tags": {}
}
],
"outputs": {}
}
我使用 ARM 在 Azure 中定义我的资源。现在我想在我的 ARM 模板中为 StorageAccount 定义支持的最低 TLS 版本。
通常我只是通过仪表板编辑资源并导出生成的 ARM 模板,然后寻找新的更改。不幸的是,对于 TLS 版本,这不会成为 ARM 模板定义的一部分。 我也找不到架构定义中的任何提及 -> https://github.com/Azure/azure-resource-manager-schemas/blob/master/schemas/2019-06-01/Microsoft.Storage.json
有谁知道我怎样才能在资源部署期间或资源部署后立即使最低 TLS 版本不低于 1.2?
我刚刚使用 tls 1.2 创建了一个存储帐户,我可以在模板中看到它:
"minimumTlsVersion": "[参数('minimumTlsVersion')]",
且参数值为:
"minimumTlsVersion": {
"value": "TLS1_2"
},
这是完整的模板
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string"
},
"storageAccountName": {
"type": "string"
},
"accountType": {
"type": "string"
},
"kind": {
"type": "string"
},
"accessTier": {
"type": "string"
},
"minimumTlsVersion": {
"type": "string"
},
"supportsHttpsTrafficOnly": {
"type": "bool"
},
"allowBlobPublicAccess": {
"type": "bool"
},
"networkAclsBypass": {
"type": "string"
},
"networkAclsDefaultAction": {
"type": "string"
}
},
"variables": {},
"resources": [
{
"name": "[parameters('storageAccountName')]",
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2019-06-01",
"location": "[parameters('location')]",
"properties": {
"accessTier": "[parameters('accessTier')]",
"minimumTlsVersion": "[parameters('minimumTlsVersion')]",
"supportsHttpsTrafficOnly": "[parameters('supportsHttpsTrafficOnly')]",
"allowBlobPublicAccess": "[parameters('allowBlobPublicAccess')]",
"networkAcls": {
"bypass": "[parameters('networkAclsBypass')]",
"defaultAction": "[parameters('networkAclsDefaultAction')]",
"ipRules": []
}
},
"dependsOn": [],
"sku": {
"name": "[parameters('accountType')]"
},
"kind": "[parameters('kind')]",
"tags": {}
}
],
"outputs": {}
}