Ensure Infrastructure double encryption for PostgreSQL Database Server is Enabled
Why This Matters
Infrastructure double encryption adds a hardware-level layer of protection beneath the storage and network encryption already in place. This ensures data is encrypted at all stages, including in memory and processor cache, so even if network encryption is compromised, the data remains secure. Without this second layer, sensitive information in your PostgreSQL database is more vulnerable to interception and unauthorized access.
What Aether365 Checks
Aether365 verifies that infrastructure double encryption is enabled on your Azure Database for PostgreSQL Single Server instances. This check appears in the Aether365 dashboard under the Azure PostgreSQL Configuration section, and it applies only to Single Server (not Flexible Server).
How to Fix
To enable infrastructure double encryption, you must configure it at server creation time. This setting cannot be changed after the server is deployed.