Benchmark: 4.4 MySQL Database
Overview
This section groups security best practices/recommendations for Azure MySQL Database Servers.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-compliance
Start the Powerpipe server:
steampipe service startpowerpipe server
Open http://localhost:9033 in your browser and select 4.4 MySQL Database.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.cis_v210_4_4
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.cis_v210_4_4 --share
Controls
- 4.4.1 Ensure 'Enforce SSL connection' is set to 'Enabled' for Standard MySQL Database Server
- 4.4.2 Ensure 'TLS Version' is set to 'TLSV1.2' for MySQL flexible Database Server
- 4.4.3 Ensure server parameter 'audit_log_enabled' is set to 'ON' for MySQL Database Server
- 4.4.4 Ensure server parameter 'audit_log_events' has 'CONNECTION' set for MySQL Database Server