Ensure Azure Databricks workspace is not public
Error: Azure Databricks workspace is public
Bridgecrew Policy ID: BC_AZR_NETWORKING_49
Checkov Check ID: CKV_AZURE_158
Severity: LOW
Azure Databricks workspace is public
Description
Disabling the public network access property improves security by ensuring that your Azure Databricks workspace can only be accessed from a private endpoint. This configuration strictly disables access from any public address space outside the Azure IP range and denies all logins that match IP or virtual network-based firewall rules.
Fix - Runtime
TBD
Fix - Buildtime
Terraform
- Resource: azurerm_databricks_workspace
- Argument: public_network_access_enabled
resource "azurerm_databricks_workspace" "pass" {
  name                = "databricks-test"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  sku                 = "standard"

  # Passing value for this check: the workspace is not exposed publicly.
  public_network_access_enabled = false

  tags = {
    Environment = "Production"
  }
}
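The same condition can also be verified against a rendered plan before apply. The Python below is an added example, not Checkov's implementation and not code from this page: it walks JSON in the shape produced by terraform show -json and returns every azurerm_databricks_workspace whose public_network_access_enabled is anything other than an explicit false. The sample plan, the "fail" and "unset" resources, and the choice to treat an absent value as a failure are assumptions made for the example.

```python
import json

RESOURCE_TYPE = "azurerm_databricks_workspace"
ARGUMENT = "public_network_access_enabled"

# Constructed sample in the shape of `terraform show -json <planfile>` output,
# trimmed to the keys used here; not taken from a real deployment.
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "azurerm_databricks_workspace.pass",
     "type": "azurerm_databricks_workspace",
     "values": {"name": "databricks-test", "public_network_access_enabled": false}},
    {"address": "azurerm_databricks_workspace.fail",
     "type": "azurerm_databricks_workspace",
     "values": {"name": "databricks-open", "public_network_access_enabled": true}},
    {"address": "azurerm_resource_group.example",
     "type": "azurerm_resource_group", "values": {"name": "example"}}
  ],
  "child_modules": [
    {"address": "module.analytics", "resources": [
      {"address": "module.analytics.azurerm_databricks_workspace.unset",
       "type": "azurerm_databricks_workspace",
       "values": {"name": "databricks-module"}}
    ]}
  ]
}}}
""")


def iter_resources(module):
    """Yield every resource in a plan module, descending into child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def public_workspaces(plan):
    """Return addresses of Databricks workspaces not explicitly set to private."""
    root = plan.get("planned_values", {}).get("root_module", {})
    return [
        r["address"]
        for r in iter_resources(root)
        if r.get("type") == RESOURCE_TYPE
        # Assumption: only an explicit boolean false passes; true, null or absent fail.
        and (r.get("values") or {}).get(ARGUMENT) is not False
    ]


if __name__ == "__main__":
    for address in public_workspaces(SAMPLE_PLAN):
        print(f"{address}: {ARGUMENT} is not false")
```

Scanning the plan rather than the .tf source also covers workspaces declared inside modules, which is why the walker recurses into child_modules.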