Ensure email addresses are setup for Azure PostgreSQL Server

LOW

Description

A list of email_addresses are not set to get regular alerts for every intrusion for Azure PostgreSQL Server, this may make incident response challenging.

Remediation

At this time, the console UI does not have remediation steps available. For possible CLI remediation, see the product documentation (below) or use Terraform.

In Terraform -

In the azurerm_postgresql_configuration resource, set email_addresses to administrator email IDs.

References:
https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/quickstart-create-server-portal
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server#email_addresses

Policy Details

Rule Reference ID: AC_AZURE_0403

CSP: Azure

Remediation Available: Yes

Domain: Compliance Validation

Resource: azurerm_postgresql_server

Resource Category: Database

Resource Type: PostgreSQL

Frameworks

GDPR
NIST-800-171
NIST-800-53
NIST-CSF
HIPAA
SOC2
NY-DFS