AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

PostgreSQL database servers enforce SSL connection.

Azure Landing Zones (ALZ) Policy definition

Source

Repository Azure Landing Zones (ALZ) GitHub
JSON Deny-PostgreSql-http

Deploy policy Deny-PostgreSql-http (1.0.1) to Azure

Display name

PostgreSQL database servers enforce SSL connection.

Deny-PostgreSql-http

Version

1.0.1
Details on versioning

Category

SQL

Description

Azure Database for PostgreSQL supports connecting your Azure Database for PostgreSQL server to client applications using Secure Sockets Layer (SSL). Enforcing SSL connections between your database server and your client applications helps protect against 'man in the middle' attacks by encrypting the data stream between the server and your application. This configuration enforces that SSL is always enabled for accessing your database server.

Mode

Indexed

Type

Custom Azure Landing Zones (ALZ)

Preview

False

Deprecated

False

Effect

Default
Deny
Allowed
Audit, Disabled, Deny

RBAC role(s)

none

Rule aliases

IF (2)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.DBforPostgreSQL/servers/minimalTlsVersion	Microsoft.DBforPostgreSQL	servers	properties.minimalTlsVersion	True		True
Microsoft.DBforPostgreSQL/servers/sslEnforcement	Microsoft.DBforPostgreSQL	servers	properties.sslEnforcement	True		True

Rule resource types

IF (1)
Microsoft.DBforPostgreSQL/servers

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State
[Deprecated]: Deny or Deploy and append TLS requirements and SSL enforcement on resources without Encryption in transit	Enforce-EncryptTransit	Encryption	Deprecated
Deny or Deploy and append TLS requirements and SSL enforcement on resources without Encryption in transit	Enforce-EncryptTransit_20240509	Encryption	GA

History

none

JSON compare

n/a

JSON

EPAC