Redis Cache Allows Non SSL Connections

• Query id: 6c7cfec3-c686-4ed2-bf58-a1ec054b63fc
• Query name: Redis Cache Allows Non SSL Connections
• Platform: Crossplane
• Severity: Medium
• Category: Encryption
• URL: Github

Description

Redis Cache resource should not allow non-SSL connections.
Documentation

Code samples

Code samples with security vulnerabilities

Postitive test num. 1 - yaml file

apiVersion: cache.azure.crossplane.io/v1beta1
kind: Redis
metadata:
  name: azureRedis3
spec:
  providerConfigRef:
    name: crossplane-azure
  forProvider:
    location: West Europe
    sku:
      name: Basic
      family: C
      capacity: 0
    enableNonSslPort: true

Code samples without security vulnerabilities

Negative test num. 1 - yaml file

apiVersion: cache.azure.crossplane.io/v1beta1
kind: Redis
metadata:
  name: azureRedis
spec:
  providerConfigRef:
    name: crossplane-azure
  forProvider:
    location: West Europe
    sku:
      name: Basic
      family: C
      capacity: 0
    enableNonSslPort: false
---
apiVersion: cache.azure.crossplane.io/v1beta1
kind: Redis
metadata:
  name: azureRedis2
spec:
  providerConfigRef:
    name: crossplane-azure
  forProvider:
    location: West Europe
    sku:
      name: Basic
      family: C
      capacity: 0