Ensure Azure Data factory public network access is disabled

Error: Azure Data Factory (V2) configured with overly permissive network access

Bridgecrew Policy ID: BC_AZR_NETWORKING_29
Checkov Check ID: [CKV_AZURE_104] (https://github.com/bridgecrewio/checkov/tree/master/checkov/terraform/checks/resource/azure/DataFactoryNoPublicNetworkAccess.py)
Severity: HIGH

Azure Data Factory (V2) configured with overly permissive network access

Description

By ensuring that your Azure Data factory is not public, you can help protect your data from unauthorized access or tampering. Public Azure Data factory instances are accessible over the internet, which can make them vulnerable to external threats such as hackers or malware. By making it private, you can help ensure that only authorized users can access the data.

Fix - Buildtime

Terraform

  • Resource: azurerm_data_factory
  • Argument: public_network_enabled
resource "azurerm_data_factory" "example" {
              ...
+             public_network_enabled = false
            }