Workload misconfigurations

Ensure the PostgreSQL Audit Extension (pgAudit) is enabled (Automated)

Risk Level

Informational (4)

Platform(s)

Description

Basic statement logging can be provided by the standard logging facility with log_statement = all. This is acceptable for monitoring and other uses but does not provide the level of detail generally required for an audit. It is not enough to have a list of all the operations performed against the database, it must also be possible to find particular statements that are of interest to an auditor.
  • Recommend icon

    Recommended Mitigation

    Further relevant information can be found in the following AWS documentation: <a href="https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.PostgreSQL.CommonDBATasks.Parameters.html" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.PostgreSQL.CommonDBATasks.Parameters.html</a>

Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo