STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to STIGs

VMW vRealize Automation 7.x PostgreSQL Security Technical Implementation Guide

Version

V1R2

Benchmark ID

VMW_vRealize_Automation_7-x_PostgreSQL_STIG

Total Checks

69

Tags

database
CAT I: 6CAT II: 62CAT III: 1

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKLExport CSVExport JSON

Checks (69)

V-240276MEDIUMvRA PostgreSQL database log file data must contain required data elements.V-240277MEDIUMThe vRA PostgreSQL configuration file must not be accessible by unauthorized users.V-240278MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240279MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240280MEDIUMvRA PostgreSQL database log file data must contain required data elements.V-240281MEDIUMvRA PostgreSQL database log file data must contain required data elements.V-240282MEDIUMvRA PostgreSQL database log file data must contain required data elements.V-240283MEDIUMvRA PostgreSQL database log file data must contain required data elements.V-240284MEDIUMvRA PostgreSQL database log file data must contain required data elements.V-240285MEDIUMvRA PostgreSQL database log file data must contain required data elements.V-240286MEDIUMvRA PostgreSQL database log file data must contain required data elements.V-240287LOWvRA PostgreSQL database must have log_truncate_on_rotation enabled.V-240288MEDIUMThe vRA PostgreSQL database must have the correct permissions on the log files.V-240289MEDIUMThe vRA PostgreSQL database must have the correct ownership on the log files.V-240290MEDIUMThe vRA PostgreSQL database must have the correct group-ownership on the log files.V-240291MEDIUMThe vRA PostgreSQL configuration files must have the correct permissions.V-240292MEDIUMThe vRA PostgreSQL configuration files must have the correct ownership.V-240293MEDIUMThe vRA PostgreSQL configuration files must have the correct group-ownership.V-240294MEDIUMvRA PostgreSQL database objects must only be accessible to the postgres account.V-240295MEDIUMThe vRA PostgreSQL database must limit modify privileges to authorized accounts.V-240296MEDIUMThe vRA PostgreSQL database must not contain sample data.V-240297MEDIUMThe vRA PostgreSQL database must be limited to authorized accounts.V-240298MEDIUMThe vRA PostgreSQL database must use md5 for authentication.V-240299MEDIUMThe vRA PostgreSQL database must be configured to use ssl.V-240300MEDIUMThe vRA PostgreSQL database must complete writing log entries prior to returning results.V-240301MEDIUMThe vRA PostgreSQL must not allow access to unauthorized accounts.V-240302MEDIUMData from the vRA PostgreSQL database must be protected from unauthorized transfer.V-240303MEDIUMThe vRA PostgreSQL error file must be protected from unauthorized access.V-240304MEDIUMThe vRA PostgreSQL database must have log collection enabled.V-240305MEDIUMThe vRA PostgreSQL database must be configured to use a syslog facility.V-240306MEDIUMThe vRA PostgreSQL database must be configured to use a syslog facility.V-240307MEDIUMThe vRA PostgreSQL database must use UTC for log timestamps.V-240308MEDIUMvRA PostgreSQL database log file data must contain required data elements.V-240309MEDIUMThe DBMS must enforce access restrictions associated with changes to the configuration of the DBMS or database(s).V-240310MEDIUMvRA PostgreSQL database must be configured to validate character encoding to UTF-8.V-240311HIGHThe vRA PostgreSQL database security updates and patches must be installed in a timely manner in accordance with site policy.V-240312MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240313MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240314MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240315MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240316MEDIUMThe DBMS must generate audit records when privileges/permissions are modified.V-240317MEDIUMThe DBMS must generate audit records when unsuccessful attempts to modify privileges/permissions occur.V-240318MEDIUMThe DBMS must generate audit records when security objects are modified.V-240319MEDIUMThe DBMS must generate audit records when unsuccessful attempts to modify security objects occur.V-240320MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240321MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240322MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240323MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240324MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240325MEDIUMThe vRA PostgreSQL database must set log_connections to on.V-240326MEDIUMThe vRA PostgreSQL database must set the log_min_messages to warning.V-240327MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240328MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240329MEDIUMThe vRA PostgreSQL database must set log_connections to on.V-240330MEDIUMThe vRA PostgreSQL database must set log_connections to on.V-240331MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240332MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240333MEDIUMThe vRA PostgreSQL database must set the log_statement to all.V-240334HIGHThe vRA PostgreSQL database must use FIPS 140-2 ciphers.V-240335HIGHThe vRA PostgreSQL database must use FIPS 140-2 ciphers.V-240336HIGHThe vRA PostgreSQL database must use FIPS 140-2 ciphers.V-240337MEDIUMThe vRA PostgreSQL database must be configured to use a syslog facility.V-240338MEDIUMvRA PostgreSQL must have the latest approved security-relevant software updates installed.V-240339HIGHThe DBMS must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations.V-240340MEDIUMvRA Postgres must be configured to use the correct port.V-240341MEDIUMThe vRA PostgreSQL database must have log collection enabled.V-240342MEDIUMvRA Postgres must be configured to use the correct port.V-240343MEDIUMvRA PostgreSQL must limit the number of connections.V-258453HIGHThe version of vRealize Automation 7.x PostgreSQL running on the system must be a supported version.