Skip to content

Commit 9f6aa84

Browse files
EldertGrootenboerEldertGrootenboer
authored
We don't allow TLS below version 1.2 anymore
1 parent c39691a commit 9f6aa84

File tree

1 file changed

+5
-5
lines changed

1 file changed

+5
-5
lines changed

articles/service-bus-messaging/transport-layer-security-audit-minimum-version.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ To create a policy with an audit effect for the minimum TLS version with the Azu
3737
{
3838
"not": {
3939
"field": "Microsoft.ServiceBus/namespaces/minimumTlsVersion",
40-
"equals": "1.2"
40+
"equals": "1.3"
4141
}
4242
}
4343
]
@@ -85,7 +85,7 @@ Azure Policy supports cloud governance by ensuring that Azure resources adhere t
8585

8686
The enforcement policy uses the deny effect to prevent a request that would create or modify a Service Bus namespace so that the minimum TLS version no longer adheres to your organization's standards. For more information about effects, see [Understand Azure Policy effects](../governance/policy/concepts/effects.md).
8787

88-
To create a policy with a deny effect for a minimum TLS version that is less than TLS 1.2, provide the following JSON in the **policyRule** section of the policy definition:
88+
To create a policy with a deny effect for a minimum TLS version that is less than TLS 1.3, provide the following JSON in the **policyRule** section of the policy definition:
8989

9090
```json
9191
{
@@ -99,7 +99,7 @@ To create a policy with a deny effect for a minimum TLS version that is less tha
9999
{
100100
"not": {
101101
"field": "Microsoft.ServiceBus/namespaces/minimumTlsVersion",
102-
"equals": "1.2"
102+
"equals": "1.3"
103103
}
104104
}
105105
]
@@ -111,9 +111,9 @@ To create a policy with a deny effect for a minimum TLS version that is less tha
111111
}
112112
```
113113

114-
After you create the policy with the deny effect and assign it to a scope, a user cannot create a Service Bus namespace with a minimum TLS version that is older than 1.2. Nor can a user make any configuration changes to an existing Service Bus namespace that currently requires a minimum TLS version that is older than 1.2. Attempting to do so results in an error. The required minimum TLS version for the Service Bus namespace must be set to 1.2 to proceed with namespace creation or configuration.
114+
After you create the policy with the deny effect and assign it to a scope, a user cannot create a Service Bus namespace with a minimum TLS version that is older than 1.3. Nor can a user make any configuration changes to an existing Service Bus namespace that currently requires a minimum TLS version that is older than 1.3. Attempting to do so results in an error. The required minimum TLS version for the Service Bus namespace must be set to 1.3 to proceed with namespace creation or configuration.
115115

116-
An error will be shown if you try to create a Service Bus namespace with the minimum TLS version set to TLS 1.0 when a policy with a deny effect requires that the minimum TLS version be set to TLS 1.2.
116+
An error will be shown if you try to create a Service Bus namespace with the minimum TLS version set to TLS 1.2 when a policy with a deny effect requires that the minimum TLS version be set to TLS 1.3.
117117

118118
## Next steps
119119

0 commit comments

Comments
 (0)