Skip to content

Commit

Permalink
Updated docs for the new security block
Browse files Browse the repository at this point in the history
  • Loading branch information
@torresdal
torresdal committed Sep 1, 2018
1 parent c722879 commit 021ffae
Show file tree
Hide file tree
Showing 2 changed files with 34 additions and 2 deletions.
18 changes: 17 additions & 1 deletion website/docs/d/api_management.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ output "api_management_id" {

* `certificate` - List of Certificates that is installed in the API Management service. Max supported certificates that can be installed is 10. The `certificate` block is documented below.

* `custom_properties` - Custom properties of the API Management service. The property `Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168` means the cipher TLS_RSA_WITH_3DES_EDE_CBC_SHA is disabled for all TLS(1.0, 1.1 and 1.2). The property `Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11` means just TLS 1.1 is disabled and the property `Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10` means TLS 1.0 is disabled on an API Management service.
* `security` - Optionally disable certain security features. The `security` block is documented below.

* `hostname_configuration` - Custom hostname configuration of the API Management service. The `hostname_configuration` block is documented below.

Expand All @@ -82,6 +82,22 @@ A `additional_location` block supports the following:

* `static_ips` - Static IP addresses of the location's virtual machines.

A `security` block supports the following:

* `disable_backend_ssl30` - Disables SSL 3.0 on the backend side of the gateway

* `disable_backend_tls10` - Disables TLS 1.0 on the backend side of the gateway

* `disable_backend_tls11` - Disables TLS 1.1 on the backend side of the gateway

* `disable_triple_des_chipers` - Disables the cipher TLS_RSA_WITH_3DES_EDE_CBC_SHA for all TLS versions (1.0, 1.1 and 1.2)

* `disable_frontend_ssl30` - Disables SSL 3.0 on the frontend side of the gateway

* `disable_frontend_tls10` - Disables TLS 1.0 on the frontend side of the gateway

* `disable_frontend_tls11` - Disables TLS 1.1 on the frontend side of the gateway

A `certificate` block supports the following:

* `store_name` - The local certificate store location. Only Root and CertificateAuthority are valid locations. Possible values include: `CertificateAuthority`, `Root`.
Expand Down
18 changes: 17 additions & 1 deletion website/docs/r/api_management.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,7 +130,7 @@ The following arguments are supported:

* `certificate` - (Optional) List of Certificates that is installed in the API Management service. Max supported certificates that can be installed is 10. The `certificate` block is documented below.

* `custom_properties` - (Optional) Custom properties of the API Management service. The property `Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168` means the cipher TLS_RSA_WITH_3DES_EDE_CBC_SHA is disabled for all TLS(1.0, 1.1 and 1.2). The property `Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11` means just TLS 1.1 is disabled and the property `Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10` means TLS 1.0 is disabled on an API Management service.
* `security` - Optionally disable certain security features. The `security` block is documented below.

* `hostname_configuration` - (Optional) Custom hostname configuration of the API Management service. The `hostname_configuration` block is documented below.

Expand Down Expand Up @@ -158,6 +158,22 @@ The following arguments are supported:

* `store_name` - (Required) The local certificate store location. Only Root and CertificateAuthority are valid locations. Possible values include: `CertificateAuthority`, `Root`.

`security` block supports the following:

* `disable_backend_ssl30` - Disables SSL 3.0 on the backend side of the gateway

* `disable_backend_tls10` - Disables TLS 1.0 on the backend side of the gateway

* `disable_backend_tls11` - Disables TLS 1.1 on the backend side of the gateway

* `disable_triple_des_chipers` - Disables the cipher TLS_RSA_WITH_3DES_EDE_CBC_SHA for all TLS versions (1.0, 1.1 and 1.2)

* `disable_frontend_ssl30` - Disables SSL 3.0 on the frontend side of the gateway

* `disable_frontend_tls10` - Disables TLS 1.0 on the frontend side of the gateway

* `disable_frontend_tls11` - Disables TLS 1.1 on the frontend side of the gateway

`hostname_configuration` block supports the following:

* `type` - (Required) Hostname type. Possible values include: `Proxy`, `Portal`, `Management` or `Scm`
Expand Down

0 comments on commit 021ffae

Please sign in to comment.