Azure Databricks workspace is public

Description

Disabling the public network access property improves security by ensuring your Azure Databricks workspace can only be accessed from a private endpoint. This configuration strictly disables access from any public address space outside of Azure IP range and denies all logins that match IP or virtual network-based firewall rules.

Fix - Runtime

TBD

Fix - Buildtime

Terraform

• Resource: azurerm_databricks_workspace
• Argument: public_network_access_enabled

resource "azurerm_databricks_workspace" "pass" {
  name                          = "databricks-test"
  resource_group_name           = azurerm_resource_group.example.name
  location                      = azurerm_resource_group.example.location
  sku                           = "standard"
  public_network_access_enabled = false

  tags = {
    Environment = "Production"
  }
}