Skip to content

Secure transfer required is not enabled


Microsoft recommends that you always require secure transfer for all of your storage accounts. When secure transfer is required a call to an Azure Storage REST API operation must be made over HTTPS. A request made over HTTP is rejected.

We recommend you configure Azure Blob storage to accept requests from secure connections only. This is achieved by setting the Secure Transfer Required property. When you require secure transfer, any requests originating from an insecure connection are rejected.

Fix - Runtime

Azure Portal

To change the policy using the Azure Portal, follow these steps:

  1. Log in to the Azure Portal at
  2. Navigate to the storage account in question.
  3. Select Configuration on the left-hand menu.
  4. Select Enabled for Secure transfer required.
  5. Click Save.

CLI Command

az storage account update -g {ResourceGroupName} -n {StorageAccountName} --https-only true

Fix - Buildtime


  • Resource: azurerm_storage_account
  • Attribute: enable_https_traffic_only
resource "azurerm_storage_account" "storage_account" {
- enable_https_traffic_only = false
+ enable_https_traffic_only = true

ARM Template

  "name": "example",
  "type": "Microsoft.Storage/storageAccounts",
  "apiVersion": "2019-06-01",
  "location": "[parameters('location')]",
  "properties": {
-   "supportsHttpsTrafficOnly": "false"
+   "supportsHttpsTrafficOnly": "true"
  "dependsOn": [],
  "sku": {
    "name": "Standard_LRS"
  "kind": "StorageV2",
  "tags": {},