Control: Infrastructure encryption should be enabled for Azure Database for PostgreSQL servers
Description
Enable infrastructure encryption for Azure Database for PostgreSQL servers to have higher level of assurance that the data is secure. When infrastructure encryption is enabled, the data at rest is encrypted twice using FIPS 140-2 compliant Microsoft managed keys.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.postgresql_server_infrastructure_encryption_enabledSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.postgresql_server_infrastructure_encryption_enabled --shareSQL
This control uses a named query:
select s.id as resource, case when infrastructure_encryption = 'Enabled' then 'ok' else 'alarm' end as status, case when infrastructure_encryption = 'Enabled' then name || ' infrastructure encryption enabled.' else name || ' infrastructure encryption disabled.' end as reason , s.resource_group as resource_group , sub.display_name as subscriptionfrom azure_postgresql_server as s, azure_subscription as subwhere sub.subscription_id = s.subscription_id;