Ensure MariaDB servers have Enforce SSL connection enabled

Error: MariaDB servers do not have Enforce SSL connection enabled

Bridgecrew Policy ID: BC_AZR_NETWORKING_17
Checkov Check ID: CKV_AZURE_47
Severity: HIGH

MariaDB servers do not have Enforce SSL connection enabled

Description

Azure Database for MariaDB supports connecting your Azure Database for MariaDB server to client applications using Secure Sockets Layer (SSL). Enforcing SSL connections between your database server and your client applications helps protect against 'man in the middle' attacks by encrypting the data stream between the server and your application. This configuration enforces that SSL is always enabled for accessing your database server.

Fix - Buildtime

Terraform

  • Resources: azurerm_mariadb_server
  • Argument: ssl_enforcement_enabled
resource "azurerm_mariadb_server" "example" {
  ...
+  ssl_enforcement_enabled = true
}

Did this page help you?