Skip to content

feat(queries): implemented queries that checks if the tls encryption version is set to '1.2' or higher for terrraform/azure #7852

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open

feat(queries): implemented queries that checks if the tls encryption version is set to '1.2' or higher for terrraform/azure #7852

wants to merge 8 commits into from

Conversation

@cx-ricardo-jesus
Copy link
Contributor

@cx-ricardo-jesus cx-ricardo-jesus commented Nov 14, 2025

Reason for Proposed Changes

  • Currently, some relevant resources do not have a query that checks if the TLS encryption version is defined to '1.2' or higher.

Proposed Changes

  • Implemented 4 queries that check if the resources below have the TLS encryption defined to '1.2' or a higher version:

    • query Beta - Function App Deployment Slot Not Using Latest TLS Encryption Version:
      • azurerm_linux_function_app_slot
      • azurerm_windows_function_app_slot
    • query Beta - MSSQL Not Using Latest TLS Encryption Version:
      • azurerm_mssql_server
    • query Beta - PostgreSQL Not Using Latest TLS Encryption Version:
      • azurerm_postgresql_server
    • query Beta - Redis Cache Not Using Latest TLS Encryption Version:
      • azurerm_redis_cache

  • For all the queries, the default value is '1.2', but for the Redis Cache resource, the default value is defined '1.0', which should trigger a positive result.

I submit this contribution under the Apache-2.0 license.

@cx-ricardo-jesus cx-ricardo-jesus requested a review from a team as a code owner November 14, 2025 14:53
@github-actions github-actions bot added feature New feature query New query feature azure PR related with Azure Cloud labels Nov 14, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Nov 14, 2025

kics-logo

KICS version: v2.1.13

Category Results
CRITICAL CRITICAL 0
HIGH HIGH 0
MEDIUM MEDIUM 0
LOW LOW 0
INFO INFO 0
TRACE TRACE 0
TOTAL TOTAL 0
Metric Values
Files scanned placeholder 1
Files parsed placeholder 1
Files failed to scan placeholder 0
Total executed queries placeholder 47
Queries failed to execute placeholder 0
Execution time placeholder 0

@cx-ricardo-jesus cx-ricardo-jesus marked this pull request as draft November 14, 2025 15:10
@cx-ricardo-jesus cx-ricardo-jesus marked this pull request as ready for review November 14, 2025 15:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

azure PR related with Azure Cloud feature New feature query New query feature

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@cx-ricardo-jesus