PlatformResourcesSign inSign Up

Networking Policies

Suggest Edits

How to Use this Page

This page lists the Azure Networking Policies that Bridgecrew helps you enforce. You can browse this page, or search for a specific policy ID or short title. For each policy, press the link for more details about a policy and its fix options.

Ensure Azure instance authenticates using SSH keys
Policy ID: BC_AZR_NETWORKING_1

Ensure RDP Internet access is restricted
Policy ID: BC_AZR_NETWORKING_2

Ensure SSH Internet access is restricted
Policy ID: BC_AZR_NETWORKING_3

Ensure SQL databases do not allow ingress from 0.0.0.0/0
Policy ID: BC_AZR_NETWORKING_4

Ensure Azure App Service Web app redirects HTTP to HTTPS
Policy ID: BC_AZR_NETWORKING_5

Ensure Web App uses the latest version of TLS encryption
Policy ID: BC_AZR_NETWORKING_6

Ensure Web App has incoming client certificates enabled
Policy ID: BC_AZR_NETWORKING_7

Ensure Web App uses the latest version of HTTP
Policy ID: BC_AZR_NETWORKING_8

Ensure MySQL server databases have Enforce SSL connection enabled
Policy ID: BC_AZR_NETWORKING_9

Ensure Azure PostgreSQL database server with SSL connection is enabled
Policy ID: BC_AZR_NETWORKING_10

Ensure Azure PostgreSQL database server with log checkpoints parameter is enabled
Policy ID: BC_AZR_NETWORKING_11

Ensure Azure PostgreSQL database server with log connections parameter is enabled
Policy ID: BC_AZR_NETWORKING_12

Ensure Azure PostgreSQL database server with connection throttling parameter is enabled
Policy ID: BC_AZR_NETWORKING_13

Ensure public access level for Blob Containers is set to private
Policy ID: BC_AZR_NETWORKING_14

Ensure Azure Storage Account default network access is set to Deny
Policy ID: BC_AZR_NETWORKING_15

Ensure Azure Storage Account Trusted Microsoft Services access is enabled
Policy ID: BC_AZR_NETWORKING_16

Ensure MariaDB servers have Enforce SSL connection enabled
Policy ID: BC_AZR_NETWORKING_17

Ensure Azure storage account does not allow blob containers with public access
Policy ID: BC_AZR_NETWORKING_18

Ensure storage accounts have secure transfer enabled
Policy ID: BC_AZR_NETWORKING_19

Ensure PostgreSQL server disables public network access
Policy ID: BC_AZR_NETWORKING_20

Ensure function apps are only accessible over HTTPS
Policy ID: BC_AZR_NETWORKING_21

Ensure UDP Services are restricted from the Internet
Policy ID: BC_AZR_NETWORKING_22

Ensure Azure cache for Redis has public network access disabled
Policy ID: BC_AZR_NETWORKING_23

Ensure only SSL are enabled for cache for Redis
Policy ID: BC_AZR_NETWORKING_24

Ensure Azure container container group is deployed into a virtual network
Policy ID: BC_AZR_NETWORKING_25

Ensure Cosmos DB accounts have restricted access
Policy ID: BC_AZR_NETWORKING_26

Ensure Azure Synapse workspaces have no IP firewall rules attached
Policy ID: BC_AZR_NETWORKING_27

Ensure Azure Cosmos DB disables public network access
Policy ID: BC_AZR_NETWORKING_28

Ensure Azure Data factory public network access is disabled
Policy ID: BC_AZR_NETWORKING_29

Ensure Azure Event Grid domain public network access is disabled
Policy ID: BC_AZR_NETWORKING_30

Ensure API management services use virtual networks
Policy ID: BC_AZR_NETWORKING_31

Ensure Azure IoT Hub disables public network access
Policy ID: BC_AZR_NETWORKING_32

Ensure key vault allows firewall rules settings
Policy ID: BC_AZR_NETWORKING_33

Ensure SQL server disables public network access
Policy ID: BC_AZR_NETWORKING_34

Ensure Azure virtual machine NIC has IP forwarding disabled
Policy ID: BC_AZR_NETWORKING_35

Ensure network interfaces do not use public IPs
Policy ID: BC_AZR_NETWORKING_36

Ensure Azure application gateway has WAF enabled
Policy ID: BC_AZR_NETWORKING_37

Ensure Azure front door has WAF enabled
Policy ID: BC_AZR_NETWORKING_38

Ensure application gateway uses WAF in Detection or Prevention modes
Policy ID: BC_AZR_NETWORKING_39

Ensure Azure front door uses WAF in Detection or Prevention modes
Policy ID: BC_AZR_NETWORKING_40

Ensure Azure cognitive search disables public network access
Policy ID: BC_AZR_NETWORKING_41

Ensure Azure file sync disables public network access
Policy ID: BC_AZR_NETWORKING_42

Ensure Azure Synapse Workspaces enable managed virtual networks
Policy ID: BC_AZR_NETWORKING_43

Ensure My SQL server disables public network access
Policy ID: BC_AZR_NETWORKING_44

Ensure 'public network access enabled' is set to False for MySQL servers
Policy ID: BC_AZR_NETWORKING_45

Updated about 2 years ago