Ensure 'Allow access to Azure services' for PostgreSQL Database Server is disabled
Error: PostgreSQL Database Server 'Allow access to Azure services' enabled
Bridgecrew Policy ID: BC_AZR_GENERAL_79
Checkov Check ID: CKV2_AZURE_6
Severity: LOW
PostgreSQL Database Server 'Allow access to Azure services' enabled
Description
When 'Allow access to Azure services' settings is enabled, PostgreSQL Database server will accept connections from all Azure resources including other subscription resources as well. It is recommended to use firewall rules or VNET rules to allow access from specific network ranges or virtual networks.
Fix - Runtime
In Azure Console
- Login to Azure console
- Navigate to 'Azure Database for PostgreSQL servers' dashboard
- Select the reported PostgreSQL server
- Go to 'Connection security' under 'Settings'
- Select 'No' for 'Allow access to Azure services' under 'Firewall rules'
- Click on 'Save'
Updated 7 months ago
Did this page help you?