Vulnerabilities
Misconfiguration
Runtime Security
Compliance
Azure > Database >

Secure Tls Policy

MEDIUM
Source
Trivy
ID
AVD-AZU-0026
terraform

Databases should have the minimum TLS set for connections

You should not use outdated/insecure TLS versions for encryption. You should be using TLS v1.2+.

Impact

Outdated TLS policies increase exposure to known issues

Follow the appropriate remediation steps below to resolve the issue.

Use the most modern TLS policies available

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18

 resource "azurerm_mssql_server" "good_example" {
   name                         = "mssqlserver"
   resource_group_name          = azurerm_resource_group.example.name
   location                     = azurerm_resource_group.example.location
   version                      = "12.0"
   administrator_login          = "missadministrator"
   administrator_login_password = "thisIsKat11"
   minimum_tls_version          = "1.2"
 }
 
 resource "azurerm_postgresql_server" "good_example" {
   name                = "bad_example"
 
   public_network_access_enabled    = true
   ssl_enforcement_enabled          = false
   ssl_minimal_tls_version_enforced = "TLS1_2"
 }
Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2023 Aqua Security Software Ltd.   Privacy Policy | Terms of Use