Ensure network interfaces do not use public IPs

Error: Network interfaces use public IPs

Bridgecrew Policy ID: BC_AZR_NETWORKING_36
Checkov Check ID: CKV_AZURE_119
Severity: LOW

Network interfaces use public IPs

Description

A public IP address is an IPv4 address that is reachable from the Internet. You can use public addresses for communication between your instances and the Internet.

We recommend you control whether your network interfaces are required to use a public IP address.

Fix - Buildtime

Terraform

Resource: azurerm_network_interface
Argument: ip_configuration.public_ip_address_id (not exists)

resource "azurerm_network_interface" "example" {
                  name                = "example-nic"
                  location            = azurerm_resource_group.example.location
                  resource_group_name = azurerm_resource_group.example.name
                
                  ip_configuration {
                    name                          = "internal"
                    subnet_id                     = azurerm_subnet.example.id
                    private_ip_address_allocation = "Dynamic"
                  }       
                    ip_configuration {
                    name                          = "internal2"
                    subnet_id                     = azurerm_subnet.example.id2
                    private_ip_address_allocation = "Dynamic"
                  }
                  enable_ip_forwarding = false
                }

Updated 10 months ago