If SSL encryption is enabled for a PolarDB cluster, the evaluation result is Compliant.
Scenarios
You can use this rule to verify that SSL encryption is enabled for PolarDB clusters. After you enable the feature, install SSL CA certificates on your application. SSL encrypts connections at the transport layer, improving communication security and ensuring data integrity.
Risk level
Default risk level: medium.
You can change the risk level when you apply this rule.
Compliance evaluation logic
- If SSL encryption is enabled for a PolarDB cluster, the evaluation result is Compliant.
- If SSL encryption is disabled for a PolarDB cluster, the evaluation result is Incompliant. To remediate an incompliant configuration, see Incompliance remediation.
Rule details
| Item | Description |
| Rule name | polardb-cluster-enabled-ssl |
| Rule identifier | polardb-cluster-enabled-ssl |
| Tag | PolarDB and SSL |
| Automatic remediation | Not supported |
| Trigger type | Periodic execution |
| Evaluation frequency | Interval of 24 hours |
| Supported resource type | PolarDB cluster |
| Input parameter | None. |
Incompliance remediation
Enable the SSL encryption feature for a PolarDB cluster. For more information, see Configure SSL encryption.
该文章对您有帮助吗?