Ensure Alibaba Cloud RDS instance uses SSL
Error: Alibaba Cloud RDS instance does not use SSL
Bridgecrew Policy ID: BC_ALI_NETWORKING_3
Checkov Check ID: CKV_ALI_20
Severity: LOW
Alibaba Cloud RDS instance does not use SSL
Description
SSL helps protect your data from unauthorized access or tampering by encrypting the data as it is transmitted between the RDS instance instance and the client. By enabling SSL, you can help ensure that only authorized users with the correct keys can access and decrypt the data, and that the data is protected while in transit.
Fix - Buildtime
Terraform
resource "alicloud_db_instance" "pass" {
engine = "MySQL"
engine_version = "5.6"
ssl_action = "Open"
instance_storage = "30"
instance_type = "mysql.n2.small.25"
parameters = [{
name = "innodb_large_prefix"
value = "ON"
}, {
name = "connect_timeout"
value = "50"
}]
}
Updated 9 months ago