Detections
Analytics

Ensure 'log_duration' is set for Azure PostgreSQL Configuration

MEDIUM

Description

Server parameter 'log_duration' is not set for Azure PostgreSQL Configuration, this may make audit challenging.

Remediation

In Azure Console -

  1. Open the Azure Portal and go to Azure Database for PostgreSQL servers.
  2. Choose the PostgreSQL server you wish to edit.
  3. Under Server parameters, set log_duration to on
  4. Select save.

In Terraform -

  1. In the azurerm_postgresql_configuration resource, set name as log_duration and value as on.

References:
https://learn.microsoft.com/en-us/azure/postgresql/single-server/concepts-server-logs
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_configuration

Policy Details

Rule Reference ID: AC_AZURE_0411
CSP: Azure
Remediation Available: Yes
Domain: Logging and Monitoring
Resource: azurerm_postgresql_configuration
Resource Category: Database
Resource Type: PostgreSQL

Frameworks