Checks whether SSL encryption is enabled for an ApsaraDB for OceanBase cluster.
Scenarios
Enable SSL encryption for an ApsaraDB for OceanBase cluster to secure data transmission between client and server.
Risk level
Default risk level: high.
You can change the risk level when you apply this rule.
Evaluation logic
- If SSL encryption is enabled for the ApsaraDB for OceanBase cluster, the cluster is compliant.
- If SSL encryption is disabled for the ApsaraDB for OceanBase cluster, the cluster is non-compliant. Fix this by following Non-compliance remediation.
Rule details
| Item | Description |
| Rule name | oceanbase-instance-enabled-ssl |
| Rule ID | oceanbase-instance-enabled-ssl |
| Tag | OceanBase and SSL |
| Automatic remediation | Not supported |
| Trigger type | Configuration change |
| Supported resource type | ApsaraDB for OceanBase cluster |
| Input parameter | None |
Non-compliance remediation
Enable SSL encryption for the ApsaraDB for OceanBase cluster as described in SSL link encryption.