turbot/steampipe-mod-azure-compliance

Control: Redis Caches 'Minimum TLS version' should be set to 'Version 1.2'

Description

This control checks whether 'Minimum TLS version' is set to 1.2. TLS 1.0 is a legacy version and has known vulnerabilities. This minimum TLS version can be configured to later protocols such as TLS 1.2.

Usage

Run the control in your terminal:

powerpipe control run azure_compliance.control.redis_cache_min_tls_1_2

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run azure_compliance.control.redis_cache_min_tls_1_2 --share

SQL

This control uses a named query:

select
c.id as resource,
case
when minimum_tls_version is null then 'alarm'
when minimum_tls_version = '1.2' then 'ok'
else 'alarm'
end as status,
case
when minimum_tls_version is null then c.name || ' minimum TLS version not set.'
else c.name || ' minimum TLS version set to ' || minimum_tls_version || '.'
end as reason
, c.resource_group as resource_group
, sub.display_name as subscription
from
azure_redis_cache as c,
azure_subscription sub
where
sub.subscription_id = c.subscription_id;

Tags