Ensure Cognitive Services disables public network access

Error: Cognitive Services does not disable public network access

Bridgecrew Policy ID: BC_AZR_NETWORKING_48
Checkov Check ID: CKV_AZURE_134
Severity: LOW

Cognitive Services does not disable public network access

Description

Disabling the public network access property improves security by ensuring your Cognitive Services can only be accessed from a private endpoint. This configuration strictly disables access from any public address space outside of Azure IP range and denies all logins that match IP or virtual network-based firewall rules.

Fix - Buildtime

Terraform

  • Resource: azurerm_cognitive_account
  • Argument: public_network_access_enabled
resource "azurerm_cognitive_account" "example" {
              ...
+             public_network_access_enabled    = false
              ...
}

Did this page help you?