Policy: Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL
Covers security best practices/recommendations for Azure PostgreSQL Database Servers.
Primary Policy
This policy is used with the following primary policy:
Related Policies
- 05.02.01 - Ensure server parameter 'require_secure_transport' is set to 'ON' for PostgreSQL flexible server
- 05.02.02 - Ensure server parameter 'log_checkpoints' is set to 'ON' for PostgreSQL flexible server
- 05.02.03 - Ensure server parameter 'connection_throttle.enable' is set to 'ON' for PostgreSQL flexible server
- 05.02.04 - Ensure server parameter 'logfiles.retention_days' is greater than 3 days for PostgreSQL flexible server
- 05.02.05 - Ensure 'Allow public access from any Azure service within Azure to this server' for PostgreSQL flexible server is disabled
- 5.2.6 - [LEGACY] Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL single server
- 05.02.07 - [LEGACY] Ensure server parameter 'log_disconnections' is set to 'ON' for PostgreSQL single server
- 05.02.08 - [LEGACY] Ensure 'Infrastructure double encryption' for PostgreSQL single server is 'Enabled'
Category
In Your Workspace
Developers
- tmod:@turbot/cis#/control/categories/cis
- tmod:@turbot/azure-cisv3-0#/policy/types/s0502
- turbot graphql policy-type --id "tmod:@turbot/azure-cisv3-0#/policy/types/s0502"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-cisv3-0#/policy/types/s0502"
Get Policy TypeGet Policy Settings
Category URI
Policy Type URI
GraphQL
CLI