Ensure that the Redis Cache accepts only SSL connections

It is recommended that Redis Cache allow only SSL connections.

Risk Level: High
Cloud Entity: Azure Redis Cache
CloudGuard Rule ID: D9.AZU.CRY.05
Covered by Spectral: Yes
Category: Database

GSL LOGIC

RedisCache should have enableNonSslPort=false

REMEDIATION

From Portal

  1. Go to Azure Cache for Redis
  2. For each Redis Cache, click on Advanced settings
  3. Set 'Allow access only via SSL' to 'Yes'
  4. Click Save.

From TF
Set the 'enable_non_ssl_port' argument under azurerm_redis_cache to false

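resource "azurerm_redis_cache" "example" {
  # ... other arguments ...
  enable_non_ssl_port = false  # close the non-SSL port so only SSL connections are accepted
  # ... other arguments ...
}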

From Command Line
Run

az redis update --name REDISCACHENAME --resource-group RESOURCEGROUP --set enableNonSslPort=false
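
An added example, not part of the original page or of CloudGuard: the Python below evaluates the rule's condition (enableNonSslPort=false) over a cache inventory and builds the az redis update command shown above for each failing cache. The input shape (name, resourceGroup, and enableNonSslPort either at top level or under properties, as assumed for `az redis list -o json`) and all sample names are assumptions.

```python
import json
import shlex

# Constructed sample in the shape assumed for `az redis list -o json` output
# (cache and resource group names are made up).
SAMPLE = """[
  {"name": "cache-prod", "resourceGroup": "rg-app", "enableNonSslPort": false},
  {"name": "cache-legacy", "resourceGroup": "rg-old", "enableNonSslPort": true},
  {"name": "cache-arm", "resourceGroup": "rg-app",
   "properties": {"enableNonSslPort": true}},
  {"name": "cache-odd", "resourceGroup": "rg-app"}
]"""


def non_ssl_setting(cache):
    """Return True/False for enableNonSslPort, or None when it is absent."""
    for scope in (cache, cache.get("properties") or {}):
        value = scope.get("enableNonSslPort")
        if isinstance(value, bool):
            return value
        if isinstance(value, str) and value.lower() in ("true", "false"):
            return value.lower() == "true"
    return None


def audit(caches):
    """Split caches into pass / fail / unknown per the rule's condition."""
    report = {"pass": [], "fail": [], "unknown": []}
    for cache in caches:
        setting = non_ssl_setting(cache)
        bucket = "unknown" if setting is None else ("fail" if setting else "pass")
        report[bucket].append(cache)
    return report


def remediation(cache):
    """Build the page's `az redis update` command for one failing cache."""
    return ("az redis update --name {} --resource-group {} "
            "--set enableNonSslPort=false").format(
                shlex.quote(cache["name"]), shlex.quote(cache["resourceGroup"]))


if __name__ == "__main__":
    result = audit(json.loads(SAMPLE))
    for cache in result["fail"]:
        print(remediation(cache))
    for cache in result["unknown"]:
        print("# review manually:", cache["name"])
```

Caches where the setting cannot be read are reported as unknown rather than passed, so a changed export format does not silently hide an open non-SSL port.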

References

  1. https://docs.microsoft.com/en-us/azure/redis-cache/cache-configure#advanced-settings
  2. https://docs.microsoft.com/en-us/cli/azure/redis?view=azure-cli-latest#az-redis-update
  3. https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_cache#enable_non_ssl_port

Azure Redis Cache

Fully managed, open source-compatible in-memory data store to power fast, scalable applications. Azure Redis Cache is based on the popular open-source Redis cache. It is typically used as a cache to improve the performance and scalability of systems that rely heavily on backend data-stores. Performance is improved by temporarily copying frequently accessed data to fast storage located close to the application. With Redis cache, this fast storage is located in-memory with Redis Cache instead of being loaded from disk by a dat

Compliance Frameworks

  • AZU PCI-DSS 4.0
  • Azure CSA CCM v.3.0.1
  • Azure CSA CCM v.4.0.1
  • Azure CloudGuard Best Practices
  • Azure CloudGuard CheckUp
  • Azure CloudGuard SOC2 based on AICPA TSC 2017
  • Azure Dashboard System Ruleset
  • Azure GDPR Readiness
  • Azure HIPAA
  • Azure HITRUST v9.5.0
  • Azure ISO 27001:2013
  • Azure ITSG-33
  • Azure LGPD regulation
  • Azure NIST 800-171
  • Azure NIST 800-53 Rev 4
  • Azure NIST 800-53 Rev 5
  • Azure NIST CSF v1.1
  • Azure New Zealand Information Security Manual (NZISM) v.3.4
  • Azure PCI-DSS 3.2
  • CloudGuard Azure All Rules Ruleset
  • Microsoft Cloud Security Benchmark