https://azure.microsoft.com/en-us/updates/azure-support-tls-will-end-by-31-october-2024-2/
Azure 对 TLS 1.0 和 1.1 的支持将于 2024 年 10 月 31 日结束。我需要升级每个存储帐户 MinimumTlsVersion
属性。
虽然有多种方法可以做到这一点(pwsh
、Portal、ARM),但我很好奇是否有办法获取使用 TLS < 1.2 的所有存储的列表。
# Ensure you're logged in to Azure
# Connect-AzAccount
# Set your Azure subscription ID
$subscriptionId = "your-subscription-id"
# Select the Azure subscription
Select-AzSubscription -SubscriptionId $subscriptionId
# Get all Storage accounts in the subscription
$storageAccounts = Get-AzStorageAccount
# Initialize an empty array to hold Storage accounts with TLS 1.0
$storagesUsingTls1_0 = @()
foreach ($storage in $storageAccounts) {
try {
# Attempt to fetch the storage account properties, including the minimum TLS version
$storageProps = Get-AzStorageAccount -ResourceGroupName $storage.ResourceGroupName -AccountName $storage.StorageAccountName
$tlsSetting = $storageProps.Encryption.MinimumTlsVersion
# Check if the TLS version is 1.0
if ($tlsSetting -eq "TLS1_0") {
# Add to the list
$storagesUsingTls1_0 += $storage
}
} catch {
Write-Host "Error retrieving TLS settings for storage account: $($storage.StorageAccountName)"
}
}
# Output the Storage accounts using TLS 1.0
$storagesUsingTls1_0 | Format-Table StorageAccountName, ResourceGroupName, Location, @{Name="TLS Version"; Expression={$_.Encryption.MinimumTlsVersion}}