Pattern: Storage accounts should be configured to only accept transfers that are over secure connections
Issue: -
You can configure your storage account to accept requests from secure connections only by setting the Secure transfer required property for the storage account.
When you require secure transfer, any requests originating from an insecure connection are rejected.
Microsoft recommends that you always require secure transfer for all of your storage accounts.
Resolution: Only allow secure connection for transfering data into storage accounts.
Example of incorrect code:
resource "azurerm_storage_account" "bad_example" {
name = "storageaccountname"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "GRS"
enable_https_traffic_only = false
}Example of correct code:
resource "azurerm_storage_account" "good_example" {
name = "storageaccountname"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "GRS"
enable_https_traffic_only = true
}