Ensure that Azure Redis Cache servers are using the latest version of the TLS protocol

Enforce the latest TLS protocol version on Azure Redis Cache servers so that data in transit is protected and the deployment stays compliant with current security standards.

Risk Level: Critical
Cloud Entity: Azure Redis Cache
CloudGuard Rule ID: D9.AZU.NET.77
Covered by Spectral: No
Category: Database

GSL LOGIC

RedisCache should have minimumTlsVersion='1.2'

REMEDIATION

From Portal

  1. Go to 'Azure Cache for Redis' and select the database you want to configure.
  2. Under 'Settings', select 'Advanced Settings'.
  3. Select the latest TLS version as 'Minimum TLS version'.
  4. Click the 'Save' button.

From TF

resource "azurerm_redis_cache" "test" {
	...
	minimum_tls_version = "1.2"
}

From Command Line

  1. Run the following command to update the 'minimumTlsVersion' field on your RedisCache instance.
az redis update --ids IDS --set minimumTlsVersion=1.2
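
To find which caches need the command above, the rule can be evaluated over the CLI's JSON inventory. The following is an added example, not CloudGuard's or Microsoft's code: it assumes input shaped like `az redis list -o json`, treats an unset or absent 'minimumTlsVersion' as failing, and uses constructed sample data with placeholder IDs and names.

```python
import json
import shlex

REQUIRED_TLS = "1.2"  # value the rule on this page checks for

# Constructed sample, shaped like `az redis list -o json` output (assumed shape;
# the subscription ID, resource group and cache names are placeholders).
_RG = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo"
SAMPLE_JSON = json.dumps([
    {"name": "cache-a", "id": _RG + "/providers/Microsoft.Cache/Redis/cache-a",
     "minimumTlsVersion": "1.2"},
    {"name": "cache-b", "id": _RG + "/providers/Microsoft.Cache/Redis/cache-b",
     "minimumTlsVersion": "1.0"},
    {"name": "cache-c", "id": _RG + "/providers/Microsoft.Cache/Redis/cache-c",
     "minimumTlsVersion": None},          # field present but unset
    {"name": "cache-d", "id": _RG + "/providers/Microsoft.Cache/Redis/cache-d"},
])                                         # cache-d: field absent


def failing_caches(caches):
    """Return one finding per cache whose minimumTlsVersion is not exactly 1.2."""
    findings = []
    for cache in caches:
        observed = cache.get("minimumTlsVersion")  # None when unset or absent
        if observed != REQUIRED_TLS:
            findings.append({"name": cache["name"], "id": cache["id"],
                             "observed": observed})
    return findings


def remediation_commands(findings):
    """Build the page's `az redis update` command for each failing cache."""
    return [
        f"az redis update --ids {shlex.quote(f['id'])} "
        f"--set minimumTlsVersion={REQUIRED_TLS}"
        for f in findings
    ]


if __name__ == "__main__":
    findings = failing_caches(json.loads(SAMPLE_JSON))
    for f, cmd in zip(findings, remediation_commands(findings)):
        print(f"{f['name']}: minimumTlsVersion={f['observed']!r}")
        print(f"  {cmd}")
```

Against a live subscription, replace SAMPLE_JSON with the captured output of `az redis list -o json` and review the generated commands before running them.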

References

  1. https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_cache.html
  2. https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/

Azure Redis Cache

Fully managed, open source-compatible in-memory data store to power fast, scalable applications. Azure Redis Cache is based on the popular open-source Redis cache. It is typically used as a cache to improve the performance and scalability of systems that rely heavily on backend data-stores. Performance is improved by temporarily copying frequently accessed data to fast storage located close to the application. With Redis cache, this fast storage is located in-memory with Redis Cache instead of being loaded from disk by a dat

Compliance Frameworks

  • CloudGuard Azure All Rules Ruleset