Azure Spring Cloud app end-to-end TLS is disabled
Description
This policy detects whether Azure Spring Cloud apps disable end-to-end TLS encryption. Disabling end-to-end TLS leaves your application traffic vulnerable, as data transmitted within your Azure Spring Cloud environment may be exposed to unauthorized access and interception. As a security best practice, it is strongly recommended to enable end-to-end TLS to protect your Spring Cloud application traffic. Enabling end-to-end TLS secures all traffic flowing between the ingress controller and your applications.
Code Example
```hcl
resource "azurerm_spring_cloud_app" "example" {
...
+ tls_enabled = true
}
```
Remediation
Terraform
- Resource: azurerm_spring_cloud_service, azurerm_spring_cloud_app
- Arguments: tls_enabled
To mitigate this issue, set the `tls_enabled` attribute to true within your Terraform configurations for Azure Spring Cloud applications.
Example:
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0812 |
| Severity | LOW |
| IaC Type | Terraform |
| Frameworks | Terraform, Terraform |
| Checkov ID | CKV2_AZURE_55 |