DISA_STIG_VMware_vSphere_7.0_vCA_PostgreSQL_v1r2.audit from DISA VMware vSphere 7.0 vCenter Appliance PostgreSQL v1r2 STIG
VCPG-70-000001 - VMware Postgres must limit the number of connections. | ACCESS CONTROL |
VCPG-70-000002 - VMware Postgres log files must contain required fields. | AUDIT AND ACCOUNTABILITY |
VCPG-70-000003 - VMware Postgres configuration files must not be accessible by unauthorized users. | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
VCPG-70-000004 - VMware Postgres must be configured to overwrite older logs when necessary. | AUDIT AND ACCOUNTABILITY |
VCPG-70-000005 - The VMware Postgres database must protect log files from unauthorized access and modification. | AUDIT AND ACCOUNTABILITY |
VCPG-70-000006 - All vCenter database (VCDB) tables must be owned by the 'vc' user account. | CONFIGURATION MANAGEMENT |
VCPG-70-000007 - VMware Postgres must limit modify privileges to authorized accounts. | CONFIGURATION MANAGEMENT |
VCPG-70-000008 - VMware Postgres must be configured to use the correct port. | CONFIGURATION MANAGEMENT |
VCPG-70-000009 - VMware Postgres must require authentication on all connections. | IDENTIFICATION AND AUTHENTICATION |
VCPG-70-000010 - The vPostgres database must use 'md5' for authentication. | IDENTIFICATION AND AUTHENTICATION |
VCPG-70-000011 - VMware Postgres must be configured to use Transport Layer Security (TLS). | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
VCPG-70-000012 - VMware Postgres must enforce authorized access to all public key infrastructure (PKI) private keys. | IDENTIFICATION AND AUTHENTICATION |
VCPG-70-000013 - VMware Postgres must use FIPS 140-2 approved Transport Layer Security (TLS) ciphers. | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
VCPG-70-000014 - VMware Postgres must write log entries to disk prior to returning operation success or failure. | SYSTEM AND COMMUNICATIONS PROTECTION |
VCPG-70-000015 - VMware Postgres must not allow schema access to unauthorized accounts. | SYSTEM AND COMMUNICATIONS PROTECTION |
VCPG-70-000016 - VMware Postgres must provide nonprivileged users with minimal error information. | SYSTEM AND INFORMATION INTEGRITY |
VCPG-70-000017 - VMware Postgres must have log collection enabled. | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
VCPG-70-000018 - VMware Postgres must be configured to log to 'stderr'. | AUDIT AND ACCOUNTABILITY |
VCPG-70-000019 - 'Rsyslog' must be configured to monitor VMware Postgres logs. | AUDIT AND ACCOUNTABILITY |
VCPG-70-000020 - VMware Postgres must use Coordinated Universal Time (UTC) for log timestamps. | AUDIT AND ACCOUNTABILITY |