PostgreSQL Database configuration ‘connection_throttling’ should be on

Description

Enabling connection_throttling helps the PostgreSQL Database to Set the verbosity of logged messages which in turn generates query and error logs with respect to concurrent connections, that could lead to a successful Denial of Service (DoS) attack by exhausting connection resources.

Remediation Steps

Azure Portal

• Navigate to Azure Database for PostgreSQL servers.

• Select the PostgreSQL server.

• In the left navigation, select Server parameters.

• In connection_throttling, select ON.

• Click Save.

Azure CLI

• To enable connection_throttling:

az postgres server configuration set --resource-group <resourceGroupName> --server-name <serverName> --name connection_throttling --value on

Terraform

• Ensure that an azurerm_postgresql_configuration contains the following:

  • name = “connection_throttling”

  • value = “on”

Example Configuration

resource "azurerm_postgresql_configuration" "example" {
  name  = "connection_throttling"
  value = "on"

  # other required fields here
}

Documentation Links

Azure Portal and CLI

• Monitor and tune Azure Database for PostgreSQL - Single Server

• CLI: az postgres server configuration set

Terraform

• Resource: azurerm_postgresql_configuration