Resource Type: Azure > PostgreSQL > Flexible Server

The Flexible Server resource type is a fully managed database service with high availability and security that can be used to deploy and manage PostgreSQL databases in the Azure cloud.

Resource Context

Flexible Server is a part of the PostgreSQL service.

Each Flexible Server lives under a Resource Group.

Controls

The primary controls for Azure > PostgreSQL > Flexible Server are:

It is also targeted by these controls:

Azure > CIS v2.0 > 04 - Database Services > 4.03 PostgreSQL Database Server > 4.03.02 - Ensure Server Parameter 'log_checkpoints' is set to 'ON' for PostgreSQL Database Server
Azure > CIS v2.0 > 04 - Database Services > 4.03 PostgreSQL Database Server > 4.03.03 - Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL Database Server
Azure > CIS v2.0 > 04 - Database Services > 4.03 PostgreSQL Database Server > 4.03.04 - Ensure Server Parameter 'log_disconnections' is set to 'ON' for PostgreSQL Database Server
Azure > CIS v2.0 > 04 - Database Services > 4.03 PostgreSQL Database Server > 4.03.07 - Ensure 'Allow access to Azure services' for PostgreSQL Database Server is disabled
Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.01 - Ensure server parameter 'require_secure_transport' is set to 'ON' for PostgreSQL flexible server
Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.02 - Ensure server parameter 'log_checkpoints' is set to 'ON' for PostgreSQL flexible server
Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.02 - Ensure server parameter 'log_checkpoints' is set to 'ON' for PostgreSQL flexible server
Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.03 - Ensure server parameter 'connection_throttle.enable' is set to 'ON' for PostgreSQL flexible server
Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.04 - Ensure server parameter 'logfiles.retention_days' is greater than 3 days for PostgreSQL flexible server
Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.05 - Ensure 'Allow public access from any Azure service within Azure to this server' for PostgreSQL flexible server is disabled
Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.05 - Ensure 'Allow public access from any Azure service within Azure to this server' for PostgreSQL flexible server is disabled
Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.06 - [LEGACY] Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL single server
Azure > CIS v3.0 > 05 - Database Services > 05.02 - Azure Database for PostgreSQL > 05.02.07 - [LEGACY] Ensure server parameter 'log_disconnections' is set to 'ON' for PostgreSQL single server

Quick Actions

In Your Workspace

Developers

Resource Type URI

tmod:@turbot/azure-postgresql#/resource/types/flexibleServer

Category URI

tmod:@turbot/turbot#/resource/categories/database

GraphQL

query resource(id: "tmod:@turbot/azure-postgresql#/resource/types/flexibleServer") { … }

query resourceActivities(filter: "resourceId:'tmod:@turbot/azure-postgresql#/resource/types/flexibleServer'") { … }

mutation createResource(input: { … })

mutation updateResource(input: { … })

CLI

Get Resource

turbot graphql resource --id "tmod:@turbot/azure-postgresql#/resource/types/flexibleServer"

Steampipe Query

Get Resource

select * from guardrails_resource where resource_type_uri = 'tmod:@turbot/azure-postgresql#/resource/types/flexibleServer';

Get Policy Settings (By Resource ID)

select * from guardrails_policy_setting where filter = 'resourceTypeId:"tmod:@turbot/azure-postgresql#/resource/types/flexibleServer"';

Get Resource Notification

select * from guardrails_notification where resource_type_uri = 'tmod:@turbot/azure-postgresql#/resource/types/flexibleServer' and notification_type in ('resource_updated', 'resource_created');