Pattern: Enabled public access for Azure database
Issue: -
Database resources should not be publicly available. You should limit all access to the minimum that is required for your application to function.
Resolution: Disable public access to database when not required.
Example of incorrect code:
resource "azurerm_postgresql_server" "bad_example" {
name = "bad_example"
public_network_access_enabled = true
ssl_enforcement_enabled = false
ssl_minimal_tls_version_enforced = "TLS1_2"
}Example of correct code:
resource "azurerm_postgresql_server" "good_example" {
name = "bad_example"
public_network_access_enabled = false
ssl_enforcement_enabled = false
ssl_minimal_tls_version_enforced = "TLS1_2"
}