Control: Enforce SSL connection should be enabled for PostgreSQL database servers
Description
Azure Database for PostgreSQL supports connecting your Azure Database for PostgreSQL server to client applications using Secure Sockets Layer (SSL). Enforcing SSL connections between your database server and your client applications helps protect against 'man in the middle' attacks by encrypting the data stream between the server and your application. This configuration enforces that SSL is always enabled for accessing your database server
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.postgres_sql_ssl_enabledSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.postgres_sql_ssl_enabled --shareSQL
This control uses a named query:
select s.id as resource, case when ssl_enforcement = 'Disabled' then 'alarm' else 'ok' end as status, case when ssl_enforcement = 'Disabled' then name || ' SSL connection disabled.' else name || ' SSL connection enabled.' end as reason , s.resource_group as resource_group , sub.display_name as subscriptionfrom azure_postgresql_server s, azure_subscription subwhere sub.subscription_id = s.subscription_id;