min TLS version for Azure App Services
Closed this issue · 1 comments
farchide commented
The current test case we have for minTLS version check on Azure App Service is broken since the main resource is not sending back the correct value.
We need to change the snapshot resource type to a subresource: "type": "Microsoft.Web/sites/config"
{
"id": "<id>",
"name": "prod-westus-1",
"type": "Microsoft.Web/sites/config",
"location": "West US",
"tags": {},
"properties": {
"numberOfWorkers": 1,
"netFrameworkVersion": "v4.0",
"phpVersion": "5.6",
"pythonVersion": "",
"nodeVersion": "",
"powerShellVersion": "",
"linuxFxVersion": "",
"windowsFxVersion": "",
"requestTracingEnabled": false,
"remoteDebuggingEnabled": false,
"remoteDebuggingVersion": "VS2017",
"httpLoggingEnabled": true,
"azureMonitorLogCategories": null,
"acrUseManagedIdentityCreds": false,
"acrUserManagedIdentityID": null,
"logsDirectorySizeLimit": 35,
"detailedErrorLoggingEnabled": true,
"publishingUsername": "$prod-westus1",
"publishingPassword": null,
"appSettings": null,
"metadata": null,
"connectionStrings": null,
"machineKey": null,
"handlerMappings": null,
"documentRoot": null,
"scmType": "VSTSRM",
"use32BitWorkerProcess": true,
"webSocketsEnabled": false,
"alwaysOn": false,
"javaVersion": null,
"javaContainer": null,
"javaContainerVersion": null,
"appCommandLine": "",
"managedPipelineMode": "Integrated",
"virtualApplications": [
{
"virtualPath": "/",
"physicalPath": "site\\wwwroot",
"preloadEnabled": false,
"virtualDirectories": null
}
],
"winAuthAdminState": 0,
"winAuthTenantState": 0,
"customAppPoolIdentityAdminState": false,
"customAppPoolIdentityTenantState": false,
"runtimeADUser": null,
"runtimeADUserPassword": null,
"loadBalancing": "LeastRequests",
"routingRules": [],
"experiments": {
"rampUpRules": []
},
"limits": null,
"autoHealEnabled": true,
"tracingOptions": null,
"vnetName": "92236860_backend",
"vnetRouteAllEnabled": false,
"vnetPrivatePortsCount": 0,
"publicNetworkAccess": null,
"siteAuthEnabled": false,
"siteAuthSettings": {
"enabled": null,
"unauthenticatedClientAction": null,
"tokenStoreEnabled": null,
"allowedExternalRedirectUrls": null,
"defaultProvider": null,
"clientId": null,
"clientSecret": null,
"clientSecretSettingName": null,
"clientSecretCertificateThumbprint": null,
"issuer": null,
"allowedAudiences": null,
"additionalLoginParams": null,
"isAadAutoProvisioned": false,
"aadClaimsAuthorization": null,
"googleClientId": null,
"googleClientSecret": null,
"googleClientSecretSettingName": null,
"googleOAuthScopes": null,
"facebookAppId": null,
"facebookAppSecret": null,
"facebookAppSecretSettingName": null,
"facebookOAuthScopes": null,
"gitHubClientId": null,
"gitHubClientSecret": null,
"gitHubClientSecretSettingName": null,
"gitHubOAuthScopes": null,
"twitterConsumerKey": null,
"twitterConsumerSecret": null,
"twitterConsumerSecretSettingName": null,
"microsoftAccountClientId": null,
"microsoftAccountClientSecret": null,
"microsoftAccountClientSecretSettingName": null,
"microsoftAccountOAuthScopes": null,
"configVersion": null
},
"cors": {
"allowedOrigins": null,
"supportCredentials": false
},
"push": null,
"apiDefinition": null,
"apiManagementConfig": null,
"autoSwapSlotName": null,
"localMySqlEnabled": false,
"managedServiceIdentityId": null,
"xManagedServiceIdentityId": null,
"keyVaultReferenceIdentity": null,
"ipSecurityRestrictions": [
{
"ipAddress": "Any",
"action": "Allow",
"priority": 1,
"name": "Allow all",
"description": "Allow all access"
}
],
"scmIpSecurityRestrictions": [
{
"ipAddress": "Any",
"action": "Allow",
"priority": 1,
"name": "Allow all",
"description": "Allow all access"
}
],
"scmIpSecurityRestrictionsUseMain": false,
"http20Enabled": false,
"minTlsVersion": "1.2",
"scmMinTlsVersion": "1.0",
"ftpsState": "AllAllowed",
"preWarmedInstanceCount": 0,
"functionAppScaleLimit": 0,
"healthCheckPath": null,
"fileChangeAuditEnabled": false,
"functionsRuntimeScaleMonitoringEnabled": false,
"websiteTimeZone": null,
"minimumElasticInstanceCount": 0,
"azureStorageAccounts": {},
"http20ProxyFlag": 0,
"sitePort": null,
"antivirusScanEnabled": false
}
}
rezoan commented
Been fixed already.