PostgreSQL Server does not enforce SSL Affecting Database service in Azure

Snyk CCSS

Data / Encryption in Transit

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CIS-Azure CIS-Controls CSA-CCM GDPR HIPAA ISO-27001 NIST-800-53 PCI-DSS SOC-2

Snyk ID SNYK-CC-00447
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Enforcing SSL connections between your database server and your client applications helps protect against "man in the middle" attacks by encrypting the data stream between the server and your application.

How to fix?

Set properties.sslEnforcement attribute to Enabled.

Terraform

Resource: azurerm_postgresql_server

References

Configure TLS connectivity in Azure Database for PostgreSQL - Single Server

PostgreSQL Server does not enforce SSL Affecting Database service in Azure

Severity

Description

How to fix?

Terraform

References