You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/automation/automation-managing-data.md
+7-5Lines changed: 7 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3,7 +3,7 @@ title: Azure Automation data security
3
3
description: This article helps you learn how Azure Automation protects your privacy and secures your data.
4
4
services: automation
5
5
ms.subservice: shared-capabilities
6
-
ms.date: 11/20/2023
6
+
ms.date: 05/09/2024
7
7
ms.topic: conceptual
8
8
ms.custom:
9
9
ms.service: azure-automation
@@ -19,19 +19,21 @@ To ensure the security of data in transit to Azure Automation, we strongly encou
19
19
20
20
* Webhook calls
21
21
22
-
* Hybrid Runbook Workers, which include machines managed by Update Management and Change Tracking and Inventory.
22
+
*User Hybrid Runbook Workers (extension-based and agent-based)
23
23
24
-
* DSC nodes
24
+
* Machines managed by Azure Automation Update management and Azure Automation Change tracking & inventory
25
+
26
+
* Azure Automation DSC nodes
25
27
26
28
Older versions of TLS/Secure Sockets Layer (SSL) have been found to be vulnerable and while they still currently work to allow backwards compatibility, they are **not recommended**. We do not recommend explicitly setting your agent to only use TLS 1.2 unless its necessary, as it can break platform level security features that allow you to automatically detect and take advantage of newer more secure protocols as they become available, such as TLS 1.3.
27
29
28
30
For information about TLS support with the Log Analytics agent for Windows and Linux, which is a dependency for the Hybrid Runbook Worker role, see [Log Analytics agent overview - TLS](../azure-monitor/agents/log-analytics-agent.md#tls-protocol).
29
31
30
32
### Upgrade TLS protocol for Hybrid Workers and Webhook calls
31
33
32
-
From **31 October 2024**, all agent-based and extension-based User Hybrid Runbook Workers, Webhooks, and DSC nodes using Transport Layer Security (TLS) 1.0 and 1.1 protocols would no longer be able to connect to Azure Automation. All jobs running or scheduled on Hybrid Workers using TLS 1.0 and 1.1 protocols will fail.
34
+
From **31 October 2024**, all agent-based and extension-based User Hybrid Runbook Workers, Webhooks, DSC nodes and Azure Automation Update management and Change Tracking managed machines, using Transport Layer Security (TLS) 1.0 and 1.1 protocols would no longer be able to connect to Azure Automation. All jobs running or scheduled on Hybrid Workers using TLS 1.0 and 1.1 protocols will fail.
33
35
34
-
Ensure that the Webhook calls that trigger runbooks navigate on TLS 1.2 or higher. Ensure to make registry changes so that Agent and Extension based workers negotiate only on TLS 1.2 and higher protocols. Learn how to [disable TLS 1.0/1.1 protocols on Windows Hybrid Worker and enable TLS 1.2 or above](/system-center/scom/plan-security-tls12-config#configure-windows-operating-system-to-only-use-tls-12-protocol) on Windows machine.
36
+
Ensure that the Webhook calls that trigger runbooks navigate on TLS 1.2 or higher. Learn how to [disable TLS 1.0/1.1 protocols on Windows Hybrid Worker and enable TLS 1.2 or above](/system-center/scom/plan-security-tls12-config#configure-windows-operating-system-to-only-use-tls-12-protocol) on Windows machine.
35
37
36
38
For Linux Hybrid Workers, run the following Python script to upgrade to the latest TLS protocol.
0 commit comments