💼 5.2 Azure Database for PostgreSQL

• Contextual name: 💼 5.2 Azure Database for PostgreSQL
• ID: /frameworks/cis-azure-v3.0.0/05/02
• Located in: 💼 5 Database Services

Description

This section covers security best practice recommendations for Azure PostgreSQL Database Servers.

Azure Product Page: https://azure.microsoft.com/en-us/products/postgresql/

RETIREMENT of Azure PostgreSQL Single Server: Azure PostgreSQL Single Server is slated for retirement by March 25, 2025. Azure PostgreSQL Flexible Server is the newer deployment standard and is unaffected. Please use these resources to consider and prepare for migration:

• https://learn.microsoft.com/en-us/azure/postgresql/single-server/whats-happening-to-postgresql-single-server
• https://learn.microsoft.com/en-us/azure/postgresql/migrate/concepts-single-to-flexible

Similar

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 5.2.1 Ensure server parameter 'require_secure_transport' is set to 'ON' for PostgreSQL flexible server (Automated)			1
💼 5.2.2 Ensure server parameter 'log_checkpoints' is set to 'ON' for PostgreSQL flexible server (Automated)			1
💼 5.2.3 Ensure server parameter 'connection_throttle.enable' is set to 'ON' for PostgreSQL flexible server (Automated)			1
💼 5.2.4 Ensure server parameter 'logfiles.retention_days' is greater than 3 days for PostgreSQL flexible server (Automated)			1
💼 5.2.5 Ensure 'Allow public access from any Azure service within Azure to this server' for PostgreSQL flexible server is disabled (Automated)			1
💼 5.2.6 [LEGACY] Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL single server (Automated)			1
💼 5.2.7 [LEGACY] Ensure server parameter 'log_disconnections' is set to 'ON' for PostgreSQL single server (Automated)			1
💼 5.2.8 [LEGACY] Ensure 'Infrastructure double encryption' for PostgreSQL single server is 'Enabled' (Automated)			1