MEDIUM
Source
Trivy
ID
AVD-AZU-0022

Ensure databases are not publicly accessible

Database resources should not publicly available. You should limit all access to the minimum that is required for your application to function.

Impact

Follow the appropriate remediation steps below to resolve the issue.

Disable public access to database when not required

1
2
3
4
5
6
7
8
 resource "azurerm_postgresql_server" "good_example" {
   name                = "bad_example"
 
   public_network_access_enabled    = false
   ssl_enforcement_enabled          = false
   ssl_minimal_tls_version_enforced = "TLS1_2"
 }