MEDIUM
Source
Trivy
ID
AVD-AZU-0026

Databases should have the minimum TLS set for connections

You should not use outdated/insecure TLS versions for encryption. You should be using TLS v1.2+.

Impact

Follow the appropriate remediation steps below to resolve the issue.

Use the most modern TLS policies available

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
 resource "azurerm_mssql_server" "good_example" {
   name                         = "mssqlserver"
   resource_group_name          = azurerm_resource_group.example.name
   location                     = azurerm_resource_group.example.location
   version                      = "12.0"
   administrator_login          = "missadministrator"
   administrator_login_password = "thisIsKat11"
   minimum_tls_version          = "1.2"
 }
 
 resource "azurerm_postgresql_server" "good_example" {
   name                = "bad_example"
 
   public_network_access_enabled    = true
   ssl_enforcement_enabled          = false
   ssl_minimal_tls_version_enforced = "TLS1_2"
 }