Share via

Ensure your resources interacting with Azure Monitor are using TLS 1.2 or later before 1 July 2025

Paritosh Mishra 0 Reputation points
2025-05-02T10:51:48.1633333+00:00

I got an mail a following email - didn't find any impacts service even in service retirement workbooks

"Ensure your resources interacting with Azure Monitor are using TLS 1.2 or later before 1 July 2025

You're receiving this notice because you're associated with one or more Azure subscriptions that use TLS 1.0 or TLS 1.1 to interact with Azure Monitor.

To enhance security and provide best-in-class encryption for your data, we'll require all connections to Azure Monitor to be secured using Transport Layer Security (TLS) 1.2 or later beginning 1 July 2025.

If you have resources that still use TLS 1.0 or 1.1, you'll need to transition them to TLS 1.2 or later before that date.

While the Microsoft implementation of older TLS versions isn't known to have vulnerabilities, TLS 1.2 or later provides improved security features, including perfect forward secrecy and stronger cipher suites.

If your resources are already using TLS 1.2 or later, no further action is required"

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,587 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ashok Gandhi Kotnana 6,680 Reputation points Microsoft External Staff Moderator
    2025-05-02T11:44:51.32+00:00

    Hi @Paritosh Mishra,

    Azure services that support TLS include Azure storage, API Management, App Service, Application Gateway, Cosmos DB, SQL Database, Event Hubs, Key Vault, Logic Apps, Service Bus, Functions, and many others used for secure communication and data protection.

     To identify resources that may still be using TLS 1.0 or 1.1, you can utilize the following KQL (Kusto Query Language) query in Azure Resource Graph Explorer:

    resources | where isnotnull(properties['minimumTlsVersion']) | project name, type, resourceGroup, properties.minimumTlsVersion
 

    reference example:

    User's image

    If any resources are configured to use TLS 1.0 or 1.1, update their settings to enforce TLS 1.2 or later. Before making changes, ensure that your applications and services are compatible with TLS 1.2 or later. This includes verifying that all client applications, libraries, and operating systems support the newer TLS versions.

    Please let me know if you face any challenge here, I can help you to resolve this issue further

    Provide your valuable Comments.

    User's image

    Please do not forget to "Accept the answer” and “upvote it” wherever the information provided helps you, this can be beneficial to other community members.it would be greatly appreciated and helpful to others.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.