Detections
Analytics

Ensure admin auth is properly setup for Azure PostgreSQL Server

MEDIUM

Description

Admin login and password are left empty forAzure PostgreSQL Server, this may lead to unauthorized/anonymous access.

Remediation

In Azure Console -

  1. Open the Azure Portal and go to Azure Database for PostgreSQL servers.
  2. Choose the PostgreSQL server you wish to edit.
  3. Under Authentication, validate Admin username is mentioned.
  4. Select save.

In Terraform -

  1. In the azurerm_postgresql_configuration resource, set administrator_login and administrator_login_password.

References:
https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/quickstart-create-server-portal
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server

Policy Details

Rule Reference ID: AC_AZURE_0405
CSP: Azure
Remediation Available: Yes
Domain: Identity and Access Management
Resource: azurerm_postgresql_server
Resource Category: Database
Resource Type: PostgreSQL

Frameworks