Ensure regular security and operational updates are enabled for Azure Redis Cache

HIGH

Description

Regular updates for Azure Redis Cache are disabled, this may introduce unknown vulnerabilities.

Remediation

In Azure Console -

Open the Azure Portal and go to Azure Cache for Redis.
Select the Redis Cache you wish to edit.
Under Settings, select Schedule updates.
Check the enable box and configure as needed.
Save.

In Terraform -

In the azurerm_redis_cache resource, configure a patch_schedule block.
Set the day_of_week to the name of the preferred day.
Set the start_hour_utc and maintenance_window if needed.

References:
https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_cache#patch_schedule

Policy Details

Rule Reference ID: AC_AZURE_0393

CSP: Azure

Remediation Available: Yes

Domain: Security Best Practices

Resource: azurerm_redis_cache

Resource Category: Database

Resource Type: Redis

Frameworks

GDPR
HIPAA
NIST-800-171
NIST-800-53
NIST-CSF
PCI-DSSv3.2.1
PCI-DSSv4.0
SOC2
ISO-27001