PostgreSQL Server Parameter "connection_throttling" Is Not Enabled
Overview
Enabling connection_throttling helps the PostgreSQL Database to Set the verbosity of logged messages. This in turn generates query and error logs with respect to concurrent connections that could lead to a successful Denial of Service (DoS) attack by exhausting connection resources. A system can also fail or be degraded by an overload of legitimate users. Query and error logs can be used to identify, troubleshoot, and repair configuration errors and sub-optimal performance.
Vendor
Azure
Cloud Service
PostgreSQL
Related Controls
CIS Azure v2.0.0 4.3.5
References
https://docs.microsoft.com/en-us/rest/api/postgresql/singleserver/configurations/list-by-server, https://docs.microsoft.com/en-us/azure/postgresql/howto-configure-server-parameters-using-portal, https://docs.microsoft.com/en-us/security/benchmark/azure/security-controls-v3-logging-threat-detection#lt-4-enable-logging-for-azure-resources, https://learn.microsoft.com/en-us/powershell/module/az.postgresql/get-azpostgresqlconfiguration?view=azps-9.2.0#example-2-get-specified-postgresql-configuration-by-name, https://learn.microsoft.com/en-us/powershell/module/az.postgresql/update-azpostgresqlconfiguration?view=azps-9.2.0#example-1-update-postgresql-configuration-by-name
Severity
3
Item Types
Microsoft.DBforPostgreSQL.servers.databases