Enable SSL and use a specified TLS version for a Redis instance

更新时间:
复制 MD 格式

A Redis instance is considered compliant if SSL is enabled and its TLS version is one of the versions specified in the parameter.

Scenarios

To secure data transmission, enable Secure Sockets Layer (SSL) encryption for your Redis instances. Use a secure TLS version, such as TLSv1.2 or TLSv1.3.

Risk level

Default risk level: Medium.

When using this rule, you can change the risk level as needed.

Detection logic

  • A Redis instance is considered compliant if SSL is enabled and its TLS version is one of the versions specified in the parameter. The default TLS versions are TLSv1.2 and TLSv1.3.

Rule details

Parameter

Description

Rule name

Enable SSL and use a specified TLS version for a Redis instance

Rule identifier

redis-instance-tls-version-check

Tags

Redis, TLS

Automatic remediation

Not supported

Rule trigger mechanism

Periodic execution

Trigger frequency

24 hours

Supported resource types

Redis instance

Input parameters

tlsVersion

Remediation

To remediate a non-compliant resource, see Enable TLS encryption.