Networking Policies
How to Use this Page
This page lists the Azure Networking Policies that Bridgecrew helps you enforce. You can browse this page, or search for a specific policy ID or short title. For each policy, press the link for more details about a policy and its fix options.
Ensure Azure instance authenticates using SSH keys
Policy ID: BC_AZR_NETWORKING_1
Ensure RDP Internet access is restricted
Policy ID: BC_AZR_NETWORKING_2
Ensure SSH Internet access is restricted
Policy ID: BC_AZR_NETWORKING_3
Ensure SQL databases do not allow ingress from 0.0.0.0/0
Policy ID: BC_AZR_NETWORKING_4
Ensure Azure App Service Web app redirects HTTP to HTTPS
Policy ID: BC_AZR_NETWORKING_5
Ensure Web App uses the latest version of TLS encryption
Policy ID: BC_AZR_NETWORKING_6
Ensure Web App has incoming client certificates enabled
Policy ID: BC_AZR_NETWORKING_7
Ensure Web App uses the latest version of HTTP
Policy ID: BC_AZR_NETWORKING_8
Ensure MySQL server databases have Enforce SSL connection enabled
Policy ID: BC_AZR_NETWORKING_9
Ensure Azure PostgreSQL database server with SSL connection is enabled
Policy ID: BC_AZR_NETWORKING_10
Ensure Azure PostgreSQL database server with log checkpoints parameter is enabled
Policy ID: BC_AZR_NETWORKING_11
Ensure Azure PostgreSQL database server with log connections parameter is enabled
Policy ID: BC_AZR_NETWORKING_12
Ensure Azure PostgreSQL database server with connection throttling parameter is enabled
Policy ID: BC_AZR_NETWORKING_13
Ensure public access level for Blob Containers is set to private
Policy ID: BC_AZR_NETWORKING_14
Ensure Azure Storage Account default network access is set to Deny
Policy ID: BC_AZR_NETWORKING_15
Ensure Azure Storage Account Trusted Microsoft Services access is enabled
Policy ID: BC_AZR_NETWORKING_16
Ensure MariaDB servers have Enforce SSL connection enabled
Policy ID: BC_AZR_NETWORKING_17
Ensure Azure storage account does not allow blob containers with public access
Policy ID: BC_AZR_NETWORKING_18
Ensure storage accounts have secure transfer enabled
Policy ID: BC_AZR_NETWORKING_19
Ensure PostgreSQL server disables public network access
Policy ID: BC_AZR_NETWORKING_20
Ensure function apps are only accessible over HTTPS
Policy ID: BC_AZR_NETWORKING_21
Ensure UDP Services are restricted from the Internet
Policy ID: BC_AZR_NETWORKING_22
Ensure Azure cache for Redis has public network access disabled
Policy ID: BC_AZR_NETWORKING_23
Ensure only SSL are enabled for cache for Redis
Policy ID: BC_AZR_NETWORKING_24
Ensure Azure container container group is deployed into a virtual network
Policy ID: BC_AZR_NETWORKING_25
Ensure Cosmos DB accounts have restricted access
Policy ID: BC_AZR_NETWORKING_26
Ensure Azure Synapse workspaces have no IP firewall rules attached
Policy ID: BC_AZR_NETWORKING_27
Ensure Azure Cosmos DB disables public network access
Policy ID: BC_AZR_NETWORKING_28
Ensure Azure Data factory public network access is disabled
Policy ID: BC_AZR_NETWORKING_29
Ensure Azure Event Grid domain public network access is disabled
Policy ID: BC_AZR_NETWORKING_30
Ensure API management services use virtual networks
Policy ID: BC_AZR_NETWORKING_31
Ensure Azure IoT Hub disables public network access
Policy ID: BC_AZR_NETWORKING_32
Ensure key vault allows firewall rules settings
Policy ID: BC_AZR_NETWORKING_33
Ensure SQL server disables public network access
Policy ID: BC_AZR_NETWORKING_34
Ensure Azure virtual machine NIC has IP forwarding disabled
Policy ID: BC_AZR_NETWORKING_35
Ensure network interfaces do not use public IPs
Policy ID: BC_AZR_NETWORKING_36
Ensure Azure application gateway has WAF enabled
Policy ID: BC_AZR_NETWORKING_37
Ensure Azure front door has WAF enabled
Policy ID: BC_AZR_NETWORKING_38
Ensure application gateway uses WAF in Detection or Prevention modes
Policy ID: BC_AZR_NETWORKING_39
Ensure Azure front door uses WAF in Detection or Prevention modes
Policy ID: BC_AZR_NETWORKING_40
Ensure Azure cognitive search disables public network access
Policy ID: BC_AZR_NETWORKING_41
Ensure Azure file sync disables public network access
Policy ID: BC_AZR_NETWORKING_42
Ensure Azure Synapse Workspaces enable managed virtual networks
Policy ID: BC_AZR_NETWORKING_43
Ensure My SQL server disables public network access
Policy ID: BC_AZR_NETWORKING_44
Ensure 'public network access enabled' is set to False for MySQL servers
Policy ID: BC_AZR_NETWORKING_45
Updated about 2 years ago