azurerm_linux_web_app is missing minimum_tls_version = "1.3"

owingruters commented 6 months ago

Is there an existing issue for this?

[X] I have searched the existing issues

Community Note

Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.4.4

AzureRM Provider Version

3.101.0

Affected Resource(s)/Data Source(s)

azurerm_linux_web_app and azurerm_windows_web_app

Terraform Configuration Files

resource "azurerm_linux_web_app" "webapp" {
  name                = var.webapp_name
  resource_group_name = var.rg_name
  location            = var.location
  service_plan_id     = azurerm_service_plan.asp.id

  site_config {
    minimum_tls_version = var.minimum_tls_version
  }

Debug Output/Panic Output

https://gist.github.com/owingruters/00761b18286a3fcf4c8070370d80a9f8

Expected Behaviour

TF can accept minimum_tls_version = 1.3 and sets the Azure App Service to 1.3

Actual Behaviour

see error. Max is 1.2. Azure is now supporting 1.3

Steps to Reproduce

No response

Important Factoids

No response

References

No response

owingruters commented 5 months ago

@jackofallops I am using the latest version. I also do not see it in the releasenotes and the documentation also states only v1.2 is available

tombuildsstuff commented 5 months ago

@owingruters the issue is still open, so that's expected at this time. As per the label, this requires updating to use a new version of the App Service API, so this is more involved than just adding a new value for this field.

joakimlemb commented 4 months ago

2023-12-01 API has support for 1.3: https://learn.microsoft.com/en-us/rest/api/appservice/web-apps/create-or-update-configuration?view=rest-appservice-2023-12-01&tabs=HTTP#supportedtlsversions

app_service_tls

azapi workaround:

resource "azapi_update_resource" "example_app_tls" {
  type        = "Microsoft.Web/sites@2023-12-01"
  resource_id = azurerm_linux_web_app.example.id

  body = jsonencode({
    properties = {
      siteConfig = {
        minTlsVersion = "1.3"
        scmMinTlsVersion = "1.3"
      }
    }
  })
}

ziyeqf commented 5 days ago

Hi @owingruters, the minimum_tls_version supports 1.3 now, starts from v4.3 by PR (https://github.com/hashicorp/terraform-provider-azurerm/pull/27196) and document update on v4.8 by https://github.com/hashicorp/terraform-provider-azurerm/pull/27823

For any further questions please leave comments.

hashicorp / terraform-provider-azurerm