Redis Cache Allows Non SSL Connections

  • Query id: 6c7cfec3-c686-4ed2-bf58-a1ec054b63fc
  • Query name: Redis Cache Allows Non SSL Connections
  • Platform: Crossplane
  • Severity: Medium
  • Category: Encryption
  • URL: Github

Description

Redis Cache resource should not allow non-SSL connections.
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
apiVersion: cache.azure.crossplane.io/v1beta1
kind: Redis
metadata:
  name: azureRedis3
spec:
  providerConfigRef:
    name: crossplane-azure
  forProvider:
    location: West Europe
    sku:
      name: Basic
      family: C
      capacity: 0
    enableNonSslPort: true

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
apiVersion: cache.azure.crossplane.io/v1beta1
kind: Redis
metadata:
  name: azureRedis
spec:
  providerConfigRef:
    name: crossplane-azure
  forProvider:
    location: West Europe
    sku:
      name: Basic
      family: C
      capacity: 0
    enableNonSslPort: false
---
apiVersion: cache.azure.crossplane.io/v1beta1
kind: Redis
metadata:
  name: azureRedis2
spec:
  providerConfigRef:
    name: crossplane-azure
  forProvider:
    location: West Europe
    sku:
      name: Basic
      family: C
      capacity: 0