Control: Ensure server parameter 'require_secure_transport' is set to 'ON' for PostgreSQL flexible server
Description
Enable 'require_secure_transport' on 'PostgreSQL flexible servers'.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.postgres_sql_flexible_server_ssl_enabledSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.postgres_sql_flexible_server_ssl_enabled --shareSQL
This control uses a named query:
with ssl_enabled as( select id from azure_postgresql_flexible_server, jsonb_array_elements(flexible_server_configurations) as config where config ->> 'Name' = 'require_secure_transport' and config -> 'ConfigurationProperties' ->> 'value' = 'on')select s.id as resource, case when a.id is not null then 'ok' else 'alarm' end as status, case when a.id is not null then s.title || ' SSL connection enabled.' else s.title || ' SSL connection disabled.' end as reason , s.resource_group as resource_group , sub.display_name as subscriptionfrom azure_postgresql_flexible_server as s left join ssl_enabled as a on s.id = a.id left join azure_subscription as sub on sub.subscription_id = s.subscription_id;