PostgreSQL Database server “enforce SSL connection” should be enabled

Description

PostgreSQL Database server “enforce SSL connection” should be enabled. Enforcing SSL connections between your database server and your client applications helps protect against “man in the middle” attacks by encrypting the data stream between the server and your application.

Portal Remediation Steps

  • Navigate to Azure Database for PostgreSQL Servers and select your server

  • Select Connection Security

  • Set “Enforce SSL connection” to ENABLED

Azure CLI Remediation Steps

  • To enable the “Enforce SSL connection” setting:

    • az postgres server update --resource-group <your-resource-group> --name <your-server-name> --ssl-enforcement Enabled