Ensure MSSQL is using the latest version of TLS encryption

Error: MSSQL is not using the latest version of TLS encryption

Bridgecrew Policy ID: BC_AZR_GENERAL_76
Checkov Check ID: CKV_AZURE_52
Severity: MEDIUM

MSSQL is not using the latest version of TLS encryption

Description

The Transport Layer Security (TLS) protocol secures transmission of data between servers and web browsers, over the Internet, using standard encryption technology. To follow security best practices and the latest PCI compliance standards, enable the latest version of TLS protocol (i.e. TLS 1.2) for all your MSSQL servers.

Fix - Buildtime

Terraform

  • Resource: azurerm_mssql_server
  • Argument: minimum_tls_version
resource "azurerm_mssql_server" "examplea" {
   ...
 + minimum_tls_version           = "1.2"
   ...
 }