PostgreSQL Database configuration ‘connection_throttling’ should be on¶
Description¶
Enabling connection_throttling
helps the PostgreSQL Database to Set the verbosity of logged messages
which in turn generates query and error logs with respect to concurrent connections, that could lead to a successful Denial of Service (DoS) attack by exhausting connection resources.
Remediation Steps¶
Azure Portal¶
Navigate to Azure Database for PostgreSQL servers.
Select the PostgreSQL server.
In the left navigation, select Server parameters.
In
connection_throttling
, select ON.Click Save.
Azure CLI¶
To enable
connection_throttling
:
az postgres server configuration set --resource-group <resourceGroupName> --server-name <serverName> --name connection_throttling --value on
Azure Resource Manager¶
Ensure that a Microsoft.DBforPostgreSQL/servers/configurations resource contains the following:
{
"name": "connection_throttling",
"properties": {
"value": "on"
}
}
Example Configuration¶
{
"type": "Microsoft.DBforPostgreSQL/servers/configurations",
"apiVersion": "2017-12-01",
"name": "connection_throttling",
"properties": {
"value": "on"
}
# other required fields here
}
Terraform¶
Ensure that an azurerm_postgresql_configuration contains the following:
name
= “connection_throttling”value
= “on”
Example Configuration¶
resource "azurerm_postgresql_configuration" "example" {
name = "connection_throttling"
value = "on"
# other required fields here
}