MinTLS Version is a read only property

Azure · Nov 22, 2024 · f7df719 · f7df719
1 parent 5c801ff
commit f7df719
Show file tree

Hide file tree

Showing 10 changed files with 1 addition and 21 deletions.
diff --git a/config/config.msft.yaml b/config/config.msft.yaml
@@ -52,7 +52,6 @@ defaults:
     eventGrid:
       name: arohcp-maestro-{{ .ctx.regionShort }}
       maxClientSessionsPerAuthName: '4'
-      minTLSVersion: '1.2'
     certDomain: 'selfsigned.maestro.keyvault.azure.com'
     postgres:
       name: arohcp-maestro-{{ .ctx.regionShort }}

diff --git a/config/config.schema.json b/config/config.schema.json
@@ -230,17 +230,12 @@
               },
               "name": {
                 "type": "string"
-              },
-              "minTLSVersion": {
-                "type": "string",
-                "enum": ["1.2"]
               }
             },
             "additionalProperties": false,
             "required": [
               "maxClientSessionsPerAuthName",
-              "name",
-              "minTLSVersion"
+              "name"
             ]
           },
           "imageBase": {

diff --git a/config/config.yaml b/config/config.yaml
@@ -52,7 +52,6 @@ defaults:
     eventGrid:
       name: arohcp-maestro-{{ .ctx.regionShort }}
       maxClientSessionsPerAuthName: '4'
-      minTLSVersion: '1.2'
     certDomain: 'selfsigned.maestro.keyvault.azure.com'
     postgres:
       name: arohcp-maestro-{{ .ctx.regionShort }}

diff --git a/config/public-cloud-cs-pr.json b/config/public-cloud-cs-pr.json
@@ -58,7 +58,6 @@
     "consumerName": "hcp-underlay-cspr-mgmt-1",
     "eventGrid": {
       "maxClientSessionsPerAuthName": "4",
-      "minTLSVersion": "1.2",
       "name": "arohcp-maestro-cspr"
     },
     "imageBase": "quay.io/redhat-user-workloads/maestro-rhtap-tenant/maestro/maestro",

diff --git a/config/public-cloud-dev.json b/config/public-cloud-dev.json
@@ -58,7 +58,6 @@
     "consumerName": "hcp-underlay-dev-mgmt-1",
     "eventGrid": {
       "maxClientSessionsPerAuthName": "4",
-      "minTLSVersion": "1.2",
       "name": "arohcp-maestro-dev"
     },
     "imageBase": "quay.io/redhat-user-workloads/maestro-rhtap-tenant/maestro/maestro",

diff --git a/config/public-cloud-msft-int.json b/config/public-cloud-msft-int.json
@@ -58,7 +58,6 @@
     "consumerName": "hcp-underlay-int-mgmt-1",
     "eventGrid": {
       "maxClientSessionsPerAuthName": "4",
-      "minTLSVersion": "1.2",
       "name": "arohcp-maestro-int"
     },
     "imageBase": "quay.io/redhat-user-workloads/maestro-rhtap-tenant/maestro/maestro",

diff --git a/config/public-cloud-personal-dev.json b/config/public-cloud-personal-dev.json
@@ -58,7 +58,6 @@
     "consumerName": "hcp-underlay-usw3tst-mgmt-1",
     "eventGrid": {
       "maxClientSessionsPerAuthName": "4",
-      "minTLSVersion": "1.2",
       "name": "arohcp-maestro-usw3tst"
     },
     "imageBase": "quay.io/redhat-user-workloads/maestro-rhtap-tenant/maestro/maestro",

diff --git a/dev-infrastructure/configurations/region.tmpl.bicepparam b/dev-infrastructure/configurations/region.tmpl.bicepparam
@@ -9,4 +9,3 @@ param regionalDNSSubdomain = '{{ .regionalDNSSubdomain }}'
 param maestroKeyVaultName = '{{ .maestro.keyVaultName }}'
 param maestroEventGridNamespacesName = '{{ .maestro.eventGrid.name }}'
 param maestroEventGridMaxClientSessionsPerAuthName = {{ .maestro.eventGrid.maxClientSessionsPerAuthName }}
-param maestroEventGridMinimumTlsVersionAllowed = '{{ .maestro.eventGrid.minTLSVersion }}'
diff --git a/dev-infrastructure/modules/maestro/maestro-infra.bicep b/dev-infrastructure/modules/maestro/maestro-infra.bicep
@@ -35,9 +35,6 @@ param maestroKeyVaultName string
 @description('The name for the Managed Identity that will be created for Key Vault Certificate management.')
 param kvCertOfficerManagedIdentityName string
 
-@description('Minimum TLS version allowed for the EventGrid Namespace')
-param minimumTlsVersionAllowed string = '1.2'
-
 @description('Allow public network access to the EventGrid Namespace')
 @allowed([
   'Enabled'
@@ -121,7 +118,6 @@ resource eventGridNamespace 'Microsoft.EventGrid/namespaces@2024-06-01-preview'
   properties: {
     isZoneRedundant: true
     publicNetworkAccess: publicNetworkAccess
-    minimumTlsVersionAllowed: minimumTlsVersionAllowed
     topicSpacesConfiguration: {
       state: 'Enabled'
       maximumSessionExpiryInHours: 1

diff --git a/dev-infrastructure/templates/region.bicep b/dev-infrastructure/templates/region.bicep
@@ -13,9 +13,6 @@ param maestroEventGridNamespacesName string
 @description('The maximum client sessions per authentication name for the EventGrid MQTT broker')
 param maestroEventGridMaxClientSessionsPerAuthName int
 
-@description('Minimum TLS version allowed for the EventGrid Namespace')
-param maestroEventGridMinimumTlsVersionAllowed string = '1.2'
-
 @description('Set to true to prevent resources from being pruned after 48 hours')
 param persist bool = false
 
@@ -70,6 +67,5 @@ module maestroInfra '../modules/maestro/maestro-infra.bicep' = {
     maestroKeyVaultName: maestroKeyVaultName
     kvCertOfficerManagedIdentityName: maestroKeyVaultCertOfficerMSIName
     publicNetworkAccess: 'Enabled'
-    minimumTlsVersionAllowed: maestroEventGridMinimumTlsVersionAllowed
   }
 }