Ensure PostgreSQL server enables Threat Detection policy

Error: PostgreSQL server does not enable Threat Detection policy

Bridgecrew Policy ID: BC_AZR_GENERAL_45
Checkov Check ID: CKV_AZURE_128
Severity: LOW

Description

Enable Advanced Threat Detection on your non-Basic tier Azure Database for PostgreSQL servers to detect anomalous activities that indicate unusual and potentially harmful attempts to access or exploit databases.

Fix - Buildtime

Terraform

  • Resource: azurerm_postgresql_server
  • Argument: threat_detection_policy.enabled
resource "azurerm_postgresql_server" "example" {
  ...
+ threat_detection_policy {
+   enabled = true
+ }
}
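
The same condition can be checked against the JSON form of a Terraform plan before apply. The script below is an added example, not Checkov's or Bridgecrew's implementation: the function names are hypothetical, the sample plan is constructed, and treating a `sku_name` that starts with `B_` as Basic tier is an assumption taken from the "non-Basic tier" scope in the description.

```python
"""Flag azurerm_postgresql_server resources lacking an enabled threat_detection_policy."""
import json

RESOURCE_TYPE = "azurerm_postgresql_server"

def iter_resources(module):
    """Yield every resource in a plan module and its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)

def threat_detection_enabled(values):
    """Nested blocks appear in plan JSON as a list of objects."""
    blocks = values.get("threat_detection_policy") or []
    return any(isinstance(b, dict) and b.get("enabled") is True for b in blocks)

def find_violations(plan):
    """Return addresses of non-Basic servers without an enabled policy."""
    root = plan.get("planned_values", {}).get("root_module", {})
    failed = []
    for res in iter_resources(root):
        if res.get("type") != RESOURCE_TYPE:
            continue
        values = res.get("values") or {}
        # Assumption: Basic-tier SKUs start with "B_" (e.g. B_Gen5_1); the
        # description scopes the policy to non-Basic tiers, so skip them.
        if str(values.get("sku_name", "")).startswith("B_"):
            continue
        if not threat_detection_enabled(values):
            failed.append(res.get("address"))
    return failed

# Constructed sample, shaped like `terraform show -json <planfile>` output.
def _server(addr, sku, policy):
    return {"address": addr, "type": RESOURCE_TYPE,
            "values": {"sku_name": sku, "threat_detection_policy": policy}}

SAMPLE_PLAN = {"planned_values": {"root_module": {
    "resources": [
        _server("azurerm_postgresql_server.ok", "GP_Gen5_2", [{"enabled": True}]),
        _server("azurerm_postgresql_server.off", "GP_Gen5_2", [{"enabled": False}]),
        _server("azurerm_postgresql_server.basic", "B_Gen5_1", []),
    ],
    "child_modules": [{"resources": [
        _server("module.db.azurerm_postgresql_server.missing", "MO_Gen5_4", []),
    ]}],
}}}

if __name__ == "__main__":
    print(json.dumps(find_violations(SAMPLE_PLAN), indent=2))
```

A server whose block is present but set to `enabled = false` fails the same way as one with no block at all, and servers declared inside child modules are covered by the recursive walk.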