Azure file sync enables public network access
Description
By ensuring that your Azure file sync is not public, you can help protect your data from unauthorized access or tampering. Public Azure file sync are accessible over the internet, which can make them vulnerable to external threats such as hackers or malware. By making it private, you can help ensure that only authorized users can access the data.
Code Example
go
resource "azurerm_storage_sync" "test" {
...
+ incoming_traffic_policy = AllowVirtualNetworksOnly
}Remediation
Terraform
- Resource: azurerm_storage_sync
- Arguments: incoming_traffic_policy
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0572 |
| Severity | LOW |
| IaC Type | arm |
| Frameworks | Terraform, |
| Checkov ID | CKV_AZURE_64 |