Azure Web App - Set Minimum version of TLS

3
votes

Recently Azure added a feature in the UI to set a minimum TLS version per WebApp in the portal. I was wondering if anyone has found a way to set it through REST API or powershell. I have about 50 WebApps in each subscription and doing this manually would not be feasible.

Ive included a screenshot of the setting enter image description here

3
powershellazureazure-web-app-servicetls1.2
According to blogs.msdn.microsoft.com/appserviceteam/2018/04/17/… "TLS configuration through CLI and PoweShell will be coming soon."andresm53

3 Answers

3
votes

CLI is actually available: https://docs.microsoft.com/en-us/cli/azure/webapp/config?view=azure-cli-latest#az-webapp-config-set

PowerShell will be coming soon after a needed SDK update is complete.

2
votes

This can be accomplished with PowerShell by calling the Set-AzureRMResource cmdlet with the relevant parameters. For your case:

# Iterate all sites and set the Minimum TLS version to 1.2 (SSL Settings)
Get-AzureRmResource -ResourceType Microsoft.Web/sites | ForEach-Object {
    $params = @{
        ApiVersion        = '2018-02-01'
        ResourceName      = '{0}/web' -f $_.Name
        ResourceGroupName = $_.ResourceGroupName
        PropertyObject    = @{ minTlsVersion = 1.2 }
        ResourceType      = 'Microsoft.Web/sites/config'
    }
    Set-AzureRmResource @params -Force
}
0
votes

If you want to use PowerShell:

 Set-AzWebApp -MinTlsVersion '1.2' -ResourceGroupName $ResourceGroupName -Name $webappName;