Ensure Cognitive Services disables public network access
Error: Cognitive Services does not disable public network access
Bridgecrew Policy ID: BC_AZR_NETWORKING_48
Checkov Check ID: CKV_AZURE_134
Severity: LOW
Cognitive Services does not disable public network access
Description
Disabling the public network access property improves security by ensuring your Cognitive Services can only be accessed from a private endpoint. This configuration strictly disables access from any public address space outside of Azure IP range and denies all logins that match IP or virtual network-based firewall rules.
Fix - Buildtime
Terraform
- Resource: azurerm_cognitive_account
- Argument: public_network_access_enabled
resource "azurerm_cognitive_account" "example" {
...
+ public_network_access_enabled = false
...
}
Updated about 2 years ago