jurjen.ladenius/Cloud-20Engineering
1
0
Fork 0
mirror of https://dev.azure.com/effectory/Survey%20Software/_git/Cloud%20Engineering synced 2026-02-27 10:45:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merged PR 59561: Require TLS 1.2 or 1.3 in policy #117286

Browse Source 
Require  TLS 1.2 or 1.3 in policy #117286

Related work items: #117286
This commit is contained in:
Jurjen Ladenius Effectory
2025-05-15 14:32:07 +00:00
parent 812b3ce2e9
commit 1f5d3bc0ed
2 changed files with 118 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

115
Policies/Web Applications should only accept TLS 1.2 or higher (v5).json Normal file
View File

@@ -0,0 +1,115 @@
{
"mode": "All",
"policyRule": {
"if": {
"anyOf": [
{
"allOf": [
{
"field": "type",
"equals": "Microsoft.Web/sites"
},
{
"field": "Microsoft.Web/sites/httpsOnly",
"notEquals": "true"
}
]
},
{
"allOf": [
{
"field": "type",
"equals": "Microsoft.Web/sites/slots"
},
{
"field": "Microsoft.Web/sites/slots/httpsOnly",
"notEquals": "true"
}
]
},
{
"allOf": [
{
"field": "type",
"equals": "Microsoft.Web/sites/config"
},
{
"field": "name",
"notLike": "connectionstrings"
},
{
"field": "name",
"notLike": "backup"
},
{
"field": "name",
"notLike": "authsettingsV2"
},
{
"field": "name",
"notLike": "authsettings"
},
{
"field": "name",
"notLike": "appsettings"
},
{
"field": "Microsoft.Web/sites/config/minTlsVersion",
"less": "1.2"
}
]
},
{
"allOf": [
{
"field": "type",
"equals": "Microsoft.Web/sites/slots/config"
},
{
"field": "name",
"notLike": "connectionstrings"
},
{
"field": "name",
"notLike": "backup"
},
{
"field": "name",
"notLike": "authsettingsV2"
},
{
"field": "name",
"notLike": "authsettings"
},
{
"field": "name",
"notLike": "appsettings"
},
{
"field": "Microsoft.Web/sites/slots/config/minTlsVersion",
"less": "1.2"
}
]
}
]
},
"then": {
"effect": "[parameters('effect')]"
}
},
"parameters": {
"effect": {
"type": "String",
"metadata": {
"displayName": "Effect",
"description": "Enable or disable the execution of the policy"
},
"allowedValues": [
"Audit",
"deny",
"Disabled"
],
"defaultValue": "Audit"
}
}
}

4
Powershell/Lists/SQL/SQLUserCheck.ps1
View File

@@ -21,7 +21,9 @@ class UserItem {
[string] $AuthenticationType = "" [string] $AuthenticationType = ""
} }
$serverList= @('c0m7f8nybr.database.windows.net','calculations.database.windows.net','effectory.database.windows.net','effectorycore.database.windows.net', 'logit-backup.database.windows.net', 'mhpfktialk.database.windows.net', 'participants.database.windows.net', 'signin-effectory.database.windows.net', 'sqlserver01prod.6a1f4aa9f43a.database.windows.net') $serverList= @('c0m7f8nybr.database.windows.net','calculations.database.windows.net','effectory.database.windows.net','effectorycore.database.windows.net',
'logit-backup.database.windows.net', 'mhpfktialk.database.windows.net', 'participants.database.windows.net', 'signin-effectory.database.windows.net',
'sqlserver01prod.6a1f4aa9f43a.database.windows.net')
# 'sqlserver01test.164709c94fb0.database.windows.net', 'replication.database.windows.net', # 'sqlserver01test.164709c94fb0.database.windows.net', 'replication.database.windows.net',