Ensure that Azure Redis Cache servers are using the latest version of the TLS protocol
Enforce the utilization of the latest TLS protocol version for Azure Redis Cache servers to guarantee secure data transmission and maintain compliance with contemporary security standards.
Risk Level: Critical
Cloud Entity: Azure Redis Cache
CloudGuard Rule ID: D9.AZU.NET.77
Covered by Spectral: No
Category: Database
GSL LOGIC
RedisCache should have minimumTlsVersion='1.2'
REMEDIATION
From Portal
- Go to 'Azure Cache for Redis' and select the databse you want to configure.
- Under 'Settings', select 'Advanced Settings'.
- Select the latest TLS version as 'Minimum TLS version'.
- Click the 'Save' button.
From TF
resource 'azurerm_redis_cache' 'test' {
...
minimum_tls_version = '1.2'
}
From Command Line
- Run the following command to update the 'minimumTlsVersion' field on your RedisCache instance.
az redis update --ids IDS --set minimumTlsVersion=1.2
References
- https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_cache.html
- https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/
Azure Redis Cache
Fully managed, open source���compatible in-memory data store to power fast, scalable application. Azure Redis Cache is based on the popular open-source Redis cache. It is typically used as a cache to improve the performance and scalability of systems that rely heavily on backend data-stores. Performance is improved by temporarily copying frequently accessed data to fast storage located close to the application. With Redis cache, this fast storage is located in-memory with Redis Cache instead of being loaded from disk by a dat
Compliance Frameworks
- CloudGuard Azure All Rules Ruleset
Updated about 1 year ago