Enforce SSL Is Not Enabled for PostgreSQL Database Server

Overview

SSL connectivity helps to provide a new layer of security by connecting database server to client applications using Secure Sockets Layer (SSL). Enforcing SSL connections between database server and client applications helps protect against "man in the middle" attacks by encrypting the data stream between the server and application.

Vendor

Azure

Cloud Service

PostgreSQL

CIS Azure v2.0.0 4.3.1

References

https://docs.microsoft.com/en-us/azure/postgresql/concepts-ssl-connection-security, https://docs.microsoft.com/en-us/security/benchmark/azure/security-controls-v3-data-protection#dp-4-encrypt-sensitive-information-in-transit, https://learn.microsoft.com/en-us/powershell/module/az.postgresql/get-azpostgresqlserver?view=azps-9.2.0#example-2-get-postgresql-server-by-resource-group-and-server-name, https://learn.microsoft.com/en-us/powershell/module/az.postgresql/update-azpostgresqlserver?view=azps-9.2.0#example-1-update-postgresql-server-by-resource-group-and-server-name

Severity

Item Types

Microsoft.DBforPostgreSQL.servers.databases

Overview​

Vendor​

Cloud Service​

Related Controls​

References​

Severity​

Item Types​