-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Azure Web Apps - Ensure SCM minimum TLS version is set to 1.2 #6283
Labels
checks
Check additions or changes
Comments
Hi @tdefise, we do have a Policy within Checkov that checks for this: CKV_AZURE_15 Checkov Doc Link: https://www.checkov.io/5.Policy%20Index/terraform.html#:~:text=1217,CKV_AZURE_15 |
Hi @itariq20, CKV_AZURE_15 check for "minimum_tls_version" cc
However, I don't see checks for "scm_minimum_tls_version" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the issue
It seems that there are no checks in order to ensure that web apps have their SCM minimum TLS version is set to 1.2
Examples
Version (please complete the following information):
Additional context
Having SCM set to a minimum TLS version of 1.2 ensure that data-in-transit will be encrypted using a current TLS version, which is less likely subject to attack, and also required by some regulatory requirements.
Even if by default it is set to 1.2, it's always good to have a check that ensure that if someone specified the parameter with an version not equal to 1.2, it would be flagged
The text was updated successfully, but these errors were encountered: