Non SSL Redis Cache port is enabled

ID

azure_ssl_redis_cache

Severity

high

Vendor

Azure

Resource

Encryption

Tags

asvs50-v12.1.1, reachable

Description

The non-SSL port of the Redis Cache is enabled. Clients can connect to the cache through this port, which is a security problem because the data is transferred in plain text.

To avoid this, remove the property enable_non_ssl_port or set it to false.

Learn more about this topic at Azure Redis Cache SSL property.

Examples

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: Create an Azure Cache for Redis
      azure_rm_rediscache:
        resource_group: myResourceGroup
        name: myRedis
        enable_non_ssl_port: yes  # opens the non-SSL (plain text) port; this line triggers the finding
        sku:
          name: basic
          size: C1

Mitigation / Fix

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: Create an Azure Cache for Redis
      azure_rm_rediscache:
        resource_group: myResourceGroup
        name: myRedis
        # enable_non_ssl_port has been removed, as described above
        sku:
          name: basic
          size: C1
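
The check described above can be sketched as a small static scan. This is an added example, not the scanner's own code: it takes a playbook in the form a YAML loader returns it, and the function names, the sample data, the fully qualified module name azure.azcollection.azure_rm_rediscache and the handling of quoted or templated values are assumptions that go beyond the two playbooks shown on this page.

```python
# Module names to inspect: the short name used on this page and the
# fully qualified collection name (assumption, not shown on the page).
REDIS_MODULES = {"azure_rm_rediscache", "azure.azcollection.azure_rm_rediscache"}
# Strings Ansible converts to boolean true for a bool-typed module argument.
TRUTHY = {"y", "yes", "on", "1", "true", "t"}


def is_enabled(value):
    """Return True or False, or None for a Jinja template that cannot be resolved."""
    if isinstance(value, bool):
        return value
    if isinstance(value, (int, float)):
        return value == 1
    text = str(value).strip().lower()
    if "{{" in text:
        return None
    return text in TRUTHY


def walk_tasks(tasks):
    """Yield every task, descending into block/rescue/always sections."""
    for task in tasks or []:
        yield task
        for key in ("block", "rescue", "always"):
            yield from walk_tasks(task.get(key))


def find_plaintext_redis(plays):
    """Return (task name, verdict) for Redis tasks whose non-SSL port is not provably off."""
    findings = []
    for play in plays:
        sections = ("pre_tasks", "tasks", "post_tasks", "handlers")
        tasks = [t for s in sections for t in (play.get(s) or [])]
        for task in walk_tasks(tasks):
            for module in task.keys() & REDIS_MODULES:
                args = task[module] if isinstance(task[module], dict) else {}
                state = is_enabled(args.get("enable_non_ssl_port", False))
                if state is not False:  # True = enabled, None = needs manual review
                    verdict = "enabled" if state else "unresolved"
                    findings.append((task.get("name", module), verdict))
    return findings


# Constructed sample: the flagged and fixed tasks from this page plus two edge cases.
SAMPLE = [{"hosts": "localhost", "tasks": [
    {"name": "Flagged example", "azure_rm_rediscache": {"name": "myRedis", "enable_non_ssl_port": True}},
    {"name": "Fixed example", "azure_rm_rediscache": {"name": "myRedis"}},
    {"name": "Wrapper", "block": [{"name": "Nested cache",
        "azure.azcollection.azure_rm_rediscache": {"name": "nested", "enable_non_ssl_port": "yes"}}]},
    {"name": "Templated value", "azure_rm_rediscache": {"name": "tpl", "enable_non_ssl_port": "{{ allow_plain }}"}},
]}]
```

An unquoted yes in the playbook reaches the check as a boolean true after YAML loading, which is why the flagged task in the sample carries True. Tasks reported as "unresolved" set the property through a variable and need the variable's value checked by hand.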