| Plugin Title | Storage Accounts HTTPS |
| Cloud | AZURE |
| Category | Storage Accounts |
| Description | Ensures HTTPS-only traffic is allowed to storage account endpoints |
| More Info | Storage Accounts can contain sensitive information and should only be accessed over HTTPS. Enabling the HTTPS-only flag ensures that Azure does not allow HTTP traffic to Storage Accounts. |
| AZURE Link | https://docs.microsoft.com/en-us/azure/governance/policy/samples/ensure-https-storage-account |
| Recommended Action | Enable the HTTPS-only option for all Storage Accounts. |
- Log in to the Microsoft Azure Management Console.
- Select the "Search resources, services, and docs" option at the top and search for Storage account.
- Select the "Storage account" by clicking on the "Name" link to access the configuration changes.
- Scroll down the selected "Storage account" navigation panel and in "Settings" click on the "Configurations".
- On the "Configurations" page, scroll down and check whether "Secure transfer required" is set to Disabled or Enabled. If it's set to "Disabled", then the HTTPS-only traffic is not allowed to storage account endpoints.
- Repeat steps 2 - 5 to check other Storage accounts.
- Navigate to the "Storage accounts", select the "Storage account" and click on the "Name", select the "Configurations" under "Settings" that needs to enable the "HTTPS".
- On the "Configurations" page, click on the radio button next to the Enabled under the "Secure transfer required".
- Click on the "Save" option at the top to make the changes.
- Repeat steps number 7 - 9 to enable the HTTPS-only option for all Storage Accounts.
