Redis Cache Allows Non SSL Connections

Query id: 869e7fb4-30f0-4bdb-b360-ad548f337f2f
Query name: Redis Cache Allows Non SSL Connections
Platform: Ansible
Severity: Medium
Category: Insecure Configurations
URL: Github

Description¶

Redis Cache resources should not allow non-SSL connections
Documentation

Code samples¶

Code samples with security vulnerabilities¶

Postitive test num. 1 - yaml file

- name: Non SSl Allowed
  azure_rm_rediscache:
      resource_group: myResourceGroup
      name: myRedis
      enable_non_ssl_port: yes

Code samples without security vulnerabilities¶

Negative test num. 1 - yaml file

- name: Non SSl Disallowed
  azure_rm_rediscache:
    resource_group: myResourceGroup
    name: myRedis
    enable_non_ssl_port: no
- name: Non SSl Undefined
  azure_rm_rediscache:
    resource_group: myResourceGroup
    name: myRedis