[New control] GR7V1 and GR9V4 | Validation for storage account TLS version #275

dutt0 · 2024-11-20T05:44:29Z

Overview/Summary

This new control determines whether every storage account is using a minimum of TLS 1.2. If all storage accounts have TLS 1.2+ than pass. If one of more storage accounts have TLS 1.1 or below the check will be non-compliant and return the list of storage accounts that do not meet this requirement.

This PR fixes/adds/changes/removes

This pull request creates two new control for GR7V1 and GR9V4. It checks all storage accounts for TLS version and determines the compliance status as per the requirement of this validation

Breaking Changes

N/A

Testing Evidence

Positive testing:

Negative testing:

As part of this Pull Request I have

Checked for duplicate Pull Requests
Associated it with relevant GitHub Issues
Ensured my code/branch is up-to-date with the latest changes in the main branch
Performed testing and provided evidence.
Updated relevant and associated documentation.
Ensure PowerShell module versions have been updated (manually or with the ./tools/Update-ModuleVersions.ps1 script)

src/GUARDRAIL 7 PROTECTION OF DATA-IN-TRANSIT/Audit/Check-StorageAccountTLSversion.psm1

dutt0 added 2 commits November 20, 2024 00:42

GR7V1 control for storage acc TLS version

4e86bbd

remove commented lines

ba35e23

dutt0 temporarily deployed to test November 20, 2024 11:53 — with GitHub Actions Inactive

dutt0 temporarily deployed to test November 20, 2024 11:54 — with GitHub Actions Inactive

update

5c92672

dutt0 temporarily deployed to test November 20, 2024 15:15 — with GitHub Actions Inactive

dutt0 temporarily deployed to test November 20, 2024 15:16 — with GitHub Actions Inactive

adding compliance messages

3e7d880

dutt0 temporarily deployed to test November 20, 2024 16:13 — with GitHub Actions Inactive

dutt0 had a problem deploying to test November 20, 2024 16:14 — with GitHub Actions Failure

dutt0 had a problem deploying to test November 20, 2024 16:30 — with GitHub Actions Failure

dutt0 temporarily deployed to test November 20, 2024 16:49 — with GitHub Actions Inactive

remove function param

c78a679

dutt0 temporarily deployed to test November 20, 2024 17:15 — with GitHub Actions Inactive

dutt0 had a problem deploying to test November 20, 2024 17:15 — with GitHub Actions Failure

dutt0 changed the title ~~GR7V1 control for storage acc TLS version~~ [New control] GR7V1 and GR9V4 | Validation for storage account TLS version Nov 20, 2024

This was linked to issues Nov 20, 2024

GR7 | Validation 1 | Storage Accounts TLS 1.2 (M) #190

Closed

GR9 | Validation 4 | Storage Accounts TLS 1.2 (M) #219

Closed

dutt0 had a problem deploying to test November 20, 2024 17:33 — with GitHub Actions Failure

dutt0 temporarily deployed to test November 20, 2024 17:48 — with GitHub Actions Inactive

dutt0 added 2 commits November 20, 2024 15:28

fixed bug

14639f6

Merge branch 'main' into idutta/GR7_v1_TLS_storage_acccount

916e445

dutt0 temporarily deployed to test November 21, 2024 11:58 — with GitHub Actions Inactive

dutt0 temporarily deployed to test November 21, 2024 12:34 — with GitHub Actions Inactive

dutt0 added 2 commits November 21, 2024 08:17

remove non-required param

d2bc4fa

adding for GR9 V4

5eed99f

dutt0 temporarily deployed to test November 21, 2024 13:32 — with GitHub Actions Inactive

dutt0 temporarily deployed to test November 21, 2024 13:33 — with GitHub Actions Inactive

dutt0 temporarily deployed to test November 21, 2024 23:51 — with GitHub Actions Inactive

dutt0 temporarily deployed to test November 22, 2024 15:30 — with GitHub Actions Inactive

error handling

c50a7d9

dutt0 temporarily deployed to test November 22, 2024 15:49 — with GitHub Actions Inactive

update

40fb000

singhgss temporarily deployed to test November 22, 2024 16:23 — with GitHub Actions Inactive

singhgss had a problem deploying to test November 22, 2024 16:23 — with GitHub Actions Failure

singhgss temporarily deployed to test November 22, 2024 16:38 — with GitHub Actions Inactive

dutt0 added 3 commits November 22, 2024 12:30

debug update

0539933

debug update

8eea438

remove param

95f875d

dutt0 temporarily deployed to test November 22, 2024 17:45 — with GitHub Actions Inactive

update

fdcb459

dutt0 temporarily deployed to test November 22, 2024 19:56 — with GitHub Actions Inactive

dutt0 temporarily deployed to test November 22, 2024 19:57 — with GitHub Actions Inactive

dutt0 added 3 commits November 22, 2024 14:59

update

6cd0427

remove debug messages

2f77c0a

Merge branch 'main' into idutta/GR7_v1_TLS_storage_acccount

73a6d1f

dutt0 temporarily deployed to test November 22, 2024 20:29 — with GitHub Actions Inactive

dutt0 marked this pull request as ready for review November 22, 2024 20:30

dutt0 requested review from alalvi00 and singhgss as code owners November 22, 2024 20:30

dutt0 temporarily deployed to test November 22, 2024 20:30 — with GitHub Actions Inactive

singhgss reviewed Nov 25, 2024

View reviewed changes

src/GUARDRAIL 7 PROTECTION OF DATA-IN-TRANSIT/Audit/Check-StorageAccountTLSversion.psm1 Outdated Show resolved Hide resolved

update

dd7958c

singhgss approved these changes Nov 25, 2024

View reviewed changes

alalvi00 approved these changes Nov 25, 2024

View reviewed changes

dutt0 merged commit a96f2ab into main Nov 25, 2024
4 checks passed

dutt0 deleted the idutta/GR7_v1_TLS_storage_acccount branch November 25, 2024 18:57

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[New control] GR7V1 and GR9V4 | Validation for storage account TLS version #275

[New control] GR7V1 and GR9V4 | Validation for storage account TLS version #275

dutt0 commented Nov 20, 2024 •

edited

Loading

[New control] GR7V1 and GR9V4 | Validation for storage account TLS version #275

[New control] GR7V1 and GR9V4 | Validation for storage account TLS version #275

Conversation

dutt0 commented Nov 20, 2024 • edited Loading

Overview/Summary

This PR fixes/adds/changes/removes

Breaking Changes

Testing Evidence

As part of this Pull Request I have

dutt0 commented Nov 20, 2024 •

edited

Loading