Ensure Azure Redis Cache uses the latest version of TLS encryption

Error: Azure Redis Cache does not use the latest version of TLS encryption

Bridgecrew Policy ID: BC_AZR_NETWORKING_59
Checkov Check ID: CKV_AZURE_148
Severity: LOW

Description

The Transport Layer Security (TLS) protocol secures the transmission of data between servers and web browsers over the Internet using standard encryption technology. To follow security best practices and the latest PCI compliance standards, enable the latest version of the TLS protocol (i.e. TLS 1.2) for all your Azure Redis Cache instances.

Fix - Runtime

Fix - Buildtime

Terraform

  • Resource: azurerm_redis_cache
  • Argument: minimum_tls_version
resource "azurerm_redis_cache" "pass" {
  name                = "timeout-redis"
  location            = "West Europe"
  resource_group_name = azurerm_resource_group.example_rg.name
  subnet_id           = azurerm_subnet.example_redis_snet.id

  family      = "P"
  capacity    = 1
  sku_name    = "Premium"
  shard_count = 1

  enable_non_ssl_port           = false
  minimum_tls_version           = "1.2"
  public_network_access_enabled = true

  redis_configuration {
    enable_authentication = true
    maxmemory_policy      = "volatile-lru"
  }
}
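
The same requirement can be checked against a rendered plan before apply. The following is an added example, not Checkov's implementation of CKV_AZURE_148: it walks JSON in the shape produced by `terraform show -json`, including child modules, and reports every `azurerm_redis_cache` whose `minimum_tls_version` is not "1.2". The plan content and the function names are constructed for illustration, and treating an unset value as a failure is an assumption.

```python
import json

REQUIRED_TLS = "1.2"  # value the page requires for minimum_tls_version

# Constructed sample shaped like `terraform show -json` output (not real infrastructure).
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "azurerm_redis_cache.pass", "type": "azurerm_redis_cache",
     "values": {"minimum_tls_version": "1.2", "enable_non_ssl_port": false}},
    {"address": "azurerm_redis_cache.old_tls", "type": "azurerm_redis_cache",
     "values": {"minimum_tls_version": "1.0"}},
    {"address": "azurerm_resource_group.example_rg", "type": "azurerm_resource_group",
     "values": {"location": "westeurope"}}],
  "child_modules": [{"address": "module.cache", "resources": [
    {"address": "module.cache.azurerm_redis_cache.unset", "type": "azurerm_redis_cache",
     "values": {"minimum_tls_version": null}}]}]
}}}
""")


def iter_resources(module):
    """Yield every resource in a plan module, descending into child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def find_weak_redis_tls(plan):
    """Return (address, configured value) for each Redis cache not set to TLS 1.2."""
    root = plan.get("planned_values", {}).get("root_module", {})
    findings = []
    for res in iter_resources(root):
        if res.get("type") != "azurerm_redis_cache":
            continue
        value = (res.get("values") or {}).get("minimum_tls_version")
        # Assumption: a missing or null value fails, because TLS 1.2 is not set explicitly.
        if value != REQUIRED_TLS:
            findings.append((res["address"], value))
    return findings


if __name__ == "__main__":
    for address, value in find_weak_redis_tls(SAMPLE_PLAN):
        print(f"FAIL {address}: minimum_tls_version={value!r}, expected {REQUIRED_TLS!r}")
```
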