PowerShell script to set the minimum TLS version on Azure resources

DisableInsecureTlsOnAzureResources.ps1

# Install the Az PowerShell module first if not already installed.
#Install-Module Az

[CmdletBinding()]
Param (
	[Parameter(Mandatory = $false, HelpMessage = 'The Azure Resource IDs of the Service Bus and Event Hub namespaces to set the Minimum TLS version on.')]
	[string[]] $AzureResourceIds = @(
		'/subscriptions/076cf584-af21-4f8f-b734-eca1907bfd54/resourceGroups/TlsTesting/providers/Microsoft.ServiceBus/namespaces/TlsTestingAsb'
		'/subscriptions/076cf584-af21-4f8f-b734-eca1907bfd54/resourceGroups/TlsTesting/providers/Microsoft.Storage/storageAccounts/tlstestingstorage'
		'/subscriptions/076cf584-af21-4f8f-b734-eca1907bfd54/resourceGroups/TlsTesting/providers/Microsoft.EventHub/namespaces/TlsTesting'
	)
)

Process {
	Write-Information "Prompting user to log in to Azure..."
	Connect-AzAccount

	foreach ($resourceId in $AzureResourceIds) {
		[string[]] $resourceParts = $resourceId.Split('/')
		[string] $subscriptionId = $resourceParts[2]
		[string] $resourceGroupName = $resourceParts[4]
		[string] $resourceType = $resourceParts[6]
		[string] $resourceName = $resourceParts[8]

		Set-AzContext -SubscriptionId $subscriptionId > $null

		if ($resourceType -eq 'Microsoft.ServiceBus') {
			Write-Information "Setting minimum TLS to 1.2 for Service Bus namespace '$resourceName' in resource group '$resourceGroupName'."
			Set-AzServiceBusNamespace -ResourceGroupName $resourceGroupName -Name $resourceName -MinimumTlsVersion '1.2'
		} elseif ($resourceType -eq 'Microsoft.EventHub') {
			Write-Information "Setting minimum TLS to 1.2 for Event Hub namespace '$resourceName' in resource group '$resourceGroupName'."
			Set-AzEventHubNamespace -ResourceGroupName $resourceGroupName -Name $resourceName -MinimumTlsVersion '1.2'
		} elseif ($resourceType -eq 'Microsoft.Storage') {
			Write-Information "Setting minimum TLS to 1.2 for Storage Account '$resourceName' in resource group '$resourceGroupName'."
			Set-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $resourceName -MinimumTlsVersion 'TLS1_2'
		} else {
			Write-Error "Unknown resource type '$resourceType' for resource ID '$resourceId'."
		}
	}
}

Begin {
	$InformationPreference = 'Continue'
	# $VerbosePreference = 'Continue'

	# Display the time that this script started running.
	[DateTime] $startTime = Get-Date
	Write-Information "Starting script at '$startTime'."
}

End {
	# Display the time that this script finished running, and how long it took to run.
	[DateTime] $finishTime = Get-Date
	[TimeSpan] $elapsedTime = $finishTime - $startTime
	Write-Information "Finished script at '$finishTime'. Took '$elapsedTime' to run."
}

LoopThroughAllAsbsAndSetMinTlsVersion.ps1

# Install the Az PowerShell module first if not already installed.
#Install-Module Az

Write-Output "Prompting user to log in to Azure..."
Connect-AzAccount

$subscriptions = Get-AzSubscription
foreach ($subscription in $subscriptions) {
	Set-AzContext -SubscriptionId $subscription.Id > $null

	Write-Output "Processing subscription '$($subscription.Name)'..."
	$namespaces = Get-AzServiceBusNamespace
	foreach ($namespace in $namespaces) {
		$resourceGroupName = $namespace.ResourceGroup
		$namespaceName = $namespace.Name

		Write-Output "Setting minimum TLS to 1.2 for Service Bus namespace '$namespaceName' in resource group '$resourceGroupName'."
		Set-AzServiceBusNamespace -ResourceGroupName $resourceGroupName -Name $namespaceName -MinimumTlsVersion '1.2'
	}
}