PostgreSQL server does not enforce TLS connections Affecting Database service in Azure

Snyk CCSS

Data / Encryption in Transit

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CIS-Controls CSA-CCM

Snyk ID SNYK-CC-00551
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Unencrypted connections are vulnerable to information disclosure or manipulation.

How to fix?

Set sslEnforcement to Enabled.

ARM

servers

Terraform

azurerm_postgresql_server

References

Configure TLS connectivity in Azure Database for PostgreSQL - Single Server