Skip to content

PostgreSQL Connection String

Service Name: PostgreSQL

Service Description: PostgreSQL is an advanced, enterprise-class, and open-source relational database system. It supports both SQL (relational) and JSON (non-relational) querying and is known for its proven architecture, reliability, data integrity, robust feature set, and extensibility.

Service Address: https://www.postgresql.org/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured in the PostgreSQL configuration file (pg_hba.conf) to limit connections based on IP addresses or ranges.

Secret Access Scope: Grants direct access to a PostgreSQL database, including the ability to read, write, modify, and potentially delete data depending on the user's permissions.

Secret Revokement URL: Does not exist (managed through database administration)

Secret Example: postgresql://username:password@hostname:5432/database

Suspicious Activity Investigation Instructions:

  • Review database logs for unusual query patterns or access times
  • Check for unexpected high-volume data transfers or unusual query types
  • Monitor for unauthorized schema changes or table modifications
  • Look for login attempts from unusual IP addresses or locations
  • Examine user permission changes or role assignments

Mitigation Instructions:

  • Change the password for the affected database user immediately
  • Revoke and rotate any compromised credentials using: ALTER USER username WITH PASSWORD 'new_password';
  • Review and restrict database user permissions to follow the principle of least privilege
  • Update connection strings in all applications using the affected credentials
  • Enable connection encryption (SSL/TLS) if not already in use
  • Implement IP-based access restrictions in pg_hba.conf
  • Consider implementing connection pooling to better manage and monitor database connections
  • Enable more detailed logging to track future access attempts