A Redis instance is considered compliant if SSL is enabled and its TLS version is one of the versions specified in the parameter.
Scenarios
To secure data transmission, enable Secure Sockets Layer (SSL) encryption for your Redis instances. Use a secure TLS version, such as TLSv1.2 or TLSv1.3.
Risk level
Default risk level: Medium.
When using this rule, you can change the risk level as needed.
Detection logic
A Redis instance is considered compliant if SSL is enabled and its TLS version is one of the versions specified in the parameter. The default TLS versions are TLSv1.2 and TLSv1.3.
Rule details
Parameter | Description |
Rule name | Enable SSL and use a specified TLS version for a Redis instance |
Rule identifier | |
Tags | Redis, TLS |
Automatic remediation | Not supported |
Rule trigger mechanism | Periodic execution |
Trigger frequency | 24 hours |
Supported resource types | Redis instance |
Input parameters | tlsVersion |
Remediation
To remediate a non-compliant resource, see Enable TLS encryption.