Description

Azure Database for PostgreSQL allows by default to prefer connections using TLS (previously known as SSL). enforcing TLS connections helps protect against 'man-in-the-middle' attacks by encrypting the data stream. The server {AzureMySqlDbServer} was found configured without SSL enforce enabled when accessed.

• 

  Recommended Mitigation

  For each database, under connection security, set 'Enforce SSL Connection' to ENABLED. see further reference at https://docs.microsoft.com/en-us/azure/mysql/concepts-ssl-connection-security