Azure-PostgreSQLServer-Connection-Throttling-Enabled

Severity: Medium

Description: This control ensures that server parameter "connection_throttling" is set to "ON" for PostgreSQL Database Server. Enabling connection_throttling helps the PostgreSQL Database to Set the verbosity of logged messages which in turn generates query and error logs with respect to concurrent connections, that could lead to a successful Denial of Service (DoS) attack by exhausting connection resources. A system can also fail or be degraded by an overload of legitimate users. Query and error logs can be used to identify, troubleshoot, and repair configuration errors and sub-optimal performance.

Remediation Steps:

Perform following to update PostgreSQL parameters:

1. Login to Azure Portal using https://portal.azure.com.

2. Go to PostgreSQL server.

3. For each database, click on Server parameters.

4. Search for connection_throttling.

5. Set value ON and save.

Important:

Reference:

• Azure Foundations Benchmark v1.3.0 - 02-01-2021 : Recommendation #4.3.6

• https://docs.microsoft.com/en-us/rest/api/postgresql/configurations/listbyserver