Resource Type: Azure > PostgreSQL > Flexible Server
The Flexible Server resource type is a fully managed database service with high availability and security that can be used to deploy and manage PostgreSQL databases in the Azure cloud.
Resource Context
Flexible Server is a part of the PostgreSQL service.
Each Flexible Server lives under a Resource Group.
Controls
The primary controls for Azure > PostgreSQL > Flexible Server are:
- Active
- Approved
- Audit Logging
- CMDB
- Discovery
- Encryption in Transit
- Firewall
- Intelligent Assessment
- ServiceNow
- Tags
It is also targeted by these controls:
- Azure > CIS v2.0 > 04 - Database Services > 4.03 PostgreSQL Database Server > 4.03.02 - Ensure Server Parameter 'log_checkpoints' is set to 'ON' for PostgreSQL Database Server
- Azure > CIS v2.0 > 04 - Database Services > 4.03 PostgreSQL Database Server > 4.03.03 - Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL Database Server
- Azure > CIS v2.0 > 04 - Database Services > 4.03 PostgreSQL Database Server > 4.03.04 - Ensure Server Parameter 'log_disconnections' is set to 'ON' for PostgreSQL Database Server
- Azure > CIS v2.0 > 04 - Database Services > 4.03 PostgreSQL Database Server > 4.03.07 - Ensure 'Allow access to Azure services' for PostgreSQL Database Server is disabled
- Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.01 - Ensure server parameter 'require_secure_transport' is set to 'ON' for PostgreSQL flexible server
- Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.02 - Ensure server parameter 'log_checkpoints' is set to 'ON' for PostgreSQL flexible server
- Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.02 - Ensure server parameter 'log_checkpoints' is set to 'ON' for PostgreSQL flexible server
- Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.03 - Ensure server parameter 'connection_throttle.enable' is set to 'ON' for PostgreSQL flexible server
- Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.04 - Ensure server parameter 'logfiles.retention_days' is greater than 3 days for PostgreSQL flexible server
- Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.05 - Ensure 'Allow public access from any Azure service within Azure to this server' for PostgreSQL flexible server is disabled
- Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.05 - Ensure 'Allow public access from any Azure service within Azure to this server' for PostgreSQL flexible server is disabled
- Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.06 - [LEGACY] Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL single server
- Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.07 - [LEGACY] Ensure server parameter 'log_disconnections' is set to 'ON' for PostgreSQL single server
Quick Actions
Category
In Your Workspace
- Controls by Resource Type report
- Policy Settings by Resource Type report
- Resources by Resource Type report
Developers
- tmod:@turbot/azure-postgresql#/resource/types/flexibleServer
- tmod:@turbot/turbot#/resource/categories/database
- turbot graphql resource --id "tmod:@turbot/azure-postgresql#/resource/types/flexibleServer"
Get Resource- select * from guardrails_resource where resource_type_uri = 'tmod:@turbot/azure-postgresql#/resource/types/flexibleServer';
- select * from guardrails_policy_setting where filter = 'resourceTypeId:"tmod:@turbot/azure-postgresql#/resource/types/flexibleServer"';
- select * from guardrails_notification where resource_type_uri = 'tmod:@turbot/azure-postgresql#/resource/types/flexibleServer' and notification_type in ('resource_updated', 'resource_created');
Get ResourceGet Policy Settings (By Resource ID)Get Resource Notification
Resource Type URI
Category URI
GraphQL
CLI
Steampipe Query