Control: Enable log_checkpoints on PostgreSQL Servers
Description
Ensure server parameter 'log_checkpoints' is set to 'ON' for PostgreSQL Database Server.
Usage
Run the control in your terminal:
powerpipe control run terraform_azure_compliance.control.postgres_db_server_log_checkpoints_onSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run terraform_azure_compliance.control.postgres_db_server_log_checkpoints_on --shareSQL
This control uses a named query:
with postgresql_server as ( select * from terraform_resource where type = 'azurerm_postgresql_server'), log_checkpoints_configuration as ( select * from terraform_resource where type = 'azurerm_postgresql_configuration' and (attributes_std ->> 'name') = 'log_checkpoints' and (attributes_std ->> 'value') = 'on')select a.address as resource, case when (s.attributes_std ->> 'server_name') is not null then 'ok' else 'alarm' end as status, split_part(a.address, '.', 2) || case when (s.attributes_std ->> 'server_name') is not null then ' server parameter log_checkpoints on' else ' server parameter log_checkpoints off' end || '.' reason , a.path || ':' || a.start_linefrom postgresql_server as a left join log_checkpoints_configuration as s on a.name = (split_part((s.attributes_std ->> 'server_name'), '.', 2));