Enable Ssl Enforcement | Vulnerability Database

SSL should be enforced on database connections where applicable

SSL connections should be enforced were available to ensure secure transfer and reduce the risk of compromising data in flight.

Impact

Insecure connections could lead to data loss and other vulnerabilities

Recommended Actions

Follow the appropriate remediation steps below to resolve the issue.

Enable SSL enforcement

1
2
3
4
5
6
7
8


 resource "azurerm_postgresql_server" "good_example" {
   name                = "good_example"
 
   public_network_access_enabled    = false
   ssl_enforcement_enabled          = true
   ssl_minimal_tls_version_enforced = "TLS1_2"
 }
 

Remediation Links

https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server#ssl_enforcement_enabled
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mysql_server#ssl_enforcement_enabled
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mariadb_server#ssl_enforcement_enabled