Redis Cache Allows Non SSL Connections
- Query id: e29a75e6-aba3-4896-b42d-b87818c16b58
- Query name: Redis Cache Allows Non SSL Connections
- Platform: Terraform
- Severity: Medium
- Category: Insecure Configurations
- CWE: 319
- URL: Github
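Description
Redis Cache resources should not allow non-SSL connections. Setting `enable_non_ssl_port = true` on an `azurerm_redis_cache` resource opens the cache's non-SSL port, so clients can connect without TLS and data crosses the network in cleartext (CWE-319).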
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - tf file
resource "azurerm_redis_cache" "positive1" {
  name                = "example-cache"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  capacity            = 2
  family              = "C"
  sku_name            = "Standard"
  enable_non_ssl_port = true # flagged: non-SSL port is enabled
  minimum_tls_version = "1.2"

  redis_configuration {
  }
}
Code samples without security vulnerabilities
Negative test num. 1 - tf file
resource "azurerm_redis_cache" "negative1" {
  name                = "example-cache"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  capacity            = 2
  family              = "C"
  sku_name            = "Standard"
  enable_non_ssl_port = false # non-SSL port explicitly disabled
  minimum_tls_version = "1.2"

  redis_configuration {
  }
}

# enable_non_ssl_port is omitted here; the provider default is false
resource "azurerm_redis_cache" "negative2" {
  name                = "example-cache"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  capacity            = 2
  family              = "C"
  sku_name            = "Standard"
  minimum_tls_version = "1.2"

  redis_configuration {
  }
}
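The same check can be run locally as a pre-commit gate. The Python below is an added example, not the query's own implementation; `find_non_ssl_redis`, `resource_body` and the trimmed `SAMPLE` are hypothetical names and constructed input, and the scanner assumes literal `true`/`false` values and no braces inside strings or comments.

```python
import re

RESOURCE_RE = re.compile(r'resource\s+"azurerm_redis_cache"\s+"([^"]+)"\s*\{')
ATTR_RE = re.compile(r'\s*enable_non_ssl_port\s*=\s*([^\s#}]+)')

# Constructed sample, trimmed from the positive/negative fixtures above.
SAMPLE = '''
resource "azurerm_redis_cache" "positive1" {
  name                = "example-cache"
  enable_non_ssl_port = true
  redis_configuration {
  }
}
resource "azurerm_redis_cache" "negative1" {
  enable_non_ssl_port = false
}
resource "azurerm_redis_cache" "negative2" {
  # enable_non_ssl_port = true   (commented out, must not be flagged)
}
'''

def resource_body(hcl, start):
    """Return the text from just after an opening brace to its matching close."""
    depth = 1
    for i in range(start, len(hcl)):
        if hcl[i] == '{':
            depth += 1
        elif hcl[i] == '}':
            depth -= 1
            if depth == 0:
                return hcl[start:i]
    raise ValueError("unbalanced braces in resource block")

def find_non_ssl_redis(hcl):
    """Names of azurerm_redis_cache resources with enable_non_ssl_port = true."""
    flagged = []
    for m in RESOURCE_RE.finditer(hcl):
        depth = 0  # nesting level inside the resource body
        for line in resource_body(hcl, m.end()).splitlines():
            attr = ATTR_RE.match(line)
            # Only a top-level attribute counts, not one inside a nested block.
            if depth == 0 and attr and attr.group(1) == "true":
                flagged.append(m.group(1))
            depth += line.count('{') - line.count('}')
    return flagged

if __name__ == "__main__":
    print(find_non_ssl_redis(SAMPLE))
```

Values supplied through variables or locals are not resolved by this text scan; checking `terraform show -json` plan output covers those cases.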