You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/storage/common/storage-require-secure-transfer.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -7,7 +7,7 @@ author: normesta
7
7
8
8
ms.service: azure-storage
9
9
ms.topic: how-to
10
-
ms.date: 06/01/2021
10
+
ms.date: 06/17/2024
11
11
ms.author: normesta
12
12
ms.reviewer: fryu
13
13
ms.subservice: storage-common-concepts
@@ -17,18 +17,18 @@ ms.devlang: azurecli
17
17
18
18
# Require secure transfer to ensure secure connections
19
19
20
-
You can configure your storage account to accept requests from secure connections only by setting the **Secure transfer required** property for the storage account. When you require secure transfer, any requests originating from an insecure connection are rejected. Microsoft recommends that you always require secure transfer for all of your storage accounts.
20
+
You can configure your storage account to accept requests from secure connections only by setting the **Secure transfer required** property for the storage account. When you require secure transfer, any requests originating from an insecure connection are rejected. Microsoft recommends that you always require secure transfer for all of your storage accounts, unless you're using NFS Azure file shares. The **Secure transfer required** property must be disabled in order for NFS Azure file shares to work.
21
21
22
22
When secure transfer is required, a call to an Azure Storage REST API operation must be made over HTTPS. Any request made over HTTP is rejected. By default, the **Secure transfer required** property is enabled when you create a storage account.
23
23
24
24
Azure Policy provides a built-in policy to ensure that secure transfer is required for your storage accounts. For more information, see the **Storage** section in [Azure Policy built-in policy definitions](../../governance/policy/samples/built-in-policies.md#storage).
25
25
26
-
Connecting to an Azure file share over SMB without encryption fails when secure transfer is required for the storage account. Examples of insecure connections include those made over SMB 2.1 or SMB 3.x without encryption.
26
+
Connecting to an Azure file share over SMB without encryption fails when secure transfer is required for the storage account. Examples of insecure connections include those made over SMB 2.1 or SMB 3.x without encryption.
27
27
28
28
> [!NOTE]
29
-
> Because Azure Storage doesn't support HTTPS for custom domain names, this option is not applied when you're using a custom domain name.
29
+
> Because Azure Storage doesn't support HTTPS for custom domain names, this option isn't applied when you're using a custom domain name.
30
30
>
31
-
> This secure transfer setting does not apply to TCP. Connections via NFS 3.0 protocol support in Azure Blob Storage using TCP, which is not secured, will succeed.
31
+
> This secure transfer setting doesn't apply to TCP. Connections via NFS 3.0 protocol support in Azure Blob Storage using TCP, which isn't secured, will succeed.
0 commit comments