turbot/ibm_compliance

Control: 4.2 Ensure IBM Cloud Databases are only accessible via HTTPS or TLS Connections

Description

The IBM Cloud Databases services can only be connected to over TLS or HTTPS connections. This behavior is by default and is non-configurable. Customers are provided self-signed certificates and most appropriately configure driver or application to utilize these certificates and encryption in motion.

Remediation

There is no remediation procedure available on database side. If client side is having issues connecting to the database, the client must ensure that they are using TLS 1.2> or HTTPS from application or client library.

Usage

Run the control in your terminal:

powerpipe control run ibm_compliance.control.cis_v100_4_2

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run ibm_compliance.control.cis_v100_4_2 --share

SQL

This control uses a named query:

manual_control

Tags