Is there any plan to move away from CBC based ciphers within TLS cipher suites in Azure Bastion?
We have had a report from a security pen test vendor stating that weak CBC based ciphers are still in use by the Azure Bastion service and ideally these should be disabled. Viable alternatives include AES-GCM and ChaCha20-Poly1305 suites. I read in a Microsoft article that in future the customer will be able to configure the minimum TLS Cipher suite to be used on the Azure service. https://techcommunity.microsoft.com/t5/apps-on-azure-blog/min-tls-cipher-suite-preview-now-available-on-azure-portal-and/ba-p/3804134 Is Azure Bastion on any roadmap to have the same configurable setting? Or is there any plan to disable the future use of these ciphers in relation to Azure Bastion? Thank you