Closed
Description
Describe the bug
We are upgrading our app services to use TLS 1.3 as the minTlsVersion from TLS 1.2.
After doing so, Template Analyzer is saying we are violating rule TA-000017 AppServiceWebApp.UseLatestTLS.
Expected behavior
TLS 1.3 should be acceptable as the latest TLS version and no violation should be reported.
Reproduction Steps
Run the analyzer over a Bicep file containing an app service using min TLS 1.3.
For example:
```bicep
resource webApp 'Microsoft.Web/sites@2022-09-01' = {
  kind: 'app'
  name: appAppName
  location: location
  properties: {
    virtualNetworkSubnetId: snet.id
    enabled: true
    clientAffinityEnabled: false
    serverFarmId: resourceId('Microsoft.Web/serverfarms', appServicePlanName)
    httpsOnly: true
    clientCertEnabled: false
    clientCertMode: 'Required'
    publicNetworkAccess: 'Disabled'
    siteConfig: {
      alwaysOn: true
      requestTracingEnabled: true
      httpLoggingEnabled: true
      detailedErrorLoggingEnabled: true
      webSocketsEnabled: false
      remoteDebuggingEnabled: false
      http20Enabled: true
      use32BitWorkerProcess: false
      appSettings: []
      publicNetworkAccess: 'Disabled'
      vnetName: virtualNetworks.name
      vnetRouteAllEnabled: true
      vnetPrivatePortsCount: 0
      scmIpSecurityRestrictionsUseMain: true
      minTlsVersion: '1.3'
      netFrameworkVersion: 'v8.0'
      ftpsState: 'Disabled'
    }
  }
}
```
Environment
We are using the Azure DevOps task like this:
```yaml
jobs:
- job: DEVOPSScan
  steps:
  - task: MicrosoftSecurityDevOps@1
    displayName: 'Microsoft Security DevOps'
    inputs:
      command: run
```
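
The difference between an exact-match TLS rule and a minimum-version rule, shown as an added example over compiled ARM-style JSON; this is not the Template Analyzer's rule or code from the issue. The exact-match rule, the function names and the sample template are assumptions constructed for illustration, and an unset `minTlsVersion` is treated as non-compliant.

```python
import json

MIN_TLS = (1, 2)  # assumed policy floor: TLS 1.2 or newer


def parse_tls(value):
    """Turn '1.3' into (1, 3); return None for missing or malformed values."""
    try:
        major, minor = str(value).split(".")
        return int(major), int(minor)
    except ValueError:
        return None


def _min_tls(site):
    return site.get("properties", {}).get("siteConfig", {}).get("minTlsVersion")


def exact_match_check(site):
    """Hypothetical brittle rule: passes only when the value is literally '1.2'."""
    return _min_tls(site) == "1.2"


def minimum_check(site):
    """Passes when minTlsVersion parses and is at or above MIN_TLS."""
    parsed = parse_tls(_min_tls(site))
    return parsed is not None and parsed >= MIN_TLS


def evaluate(template_json):
    """Map each Microsoft.Web/sites name to (exact_match_result, minimum_result)."""
    template = json.loads(template_json)
    return {
        res["name"]: (exact_match_check(res), minimum_check(res))
        for res in template.get("resources", [])
        if res.get("type") == "Microsoft.Web/sites"
    }


def _site(name, tls=None):
    cfg = {} if tls is None else {"minTlsVersion": tls}
    return {"type": "Microsoft.Web/sites", "name": name,
            "properties": {"httpsOnly": True, "siteConfig": cfg}}


# Constructed sample template (not from the issue): four sites, one per case.
SAMPLE = json.dumps({"resources": [
    _site("app-tls10", "1.0"), _site("app-tls12", "1.2"),
    _site("app-tls13", "1.3"), _site("app-unset"),
]})
```

Calling `evaluate(SAMPLE)` shows the two rules agreeing on every site except `app-tls13`, which only the minimum-version check accepts.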