Azure Synapse Spark Pool not using isolated compute
Description
This policy detects whether isolated compute is disabled for Synapse Spark pools in Azure. Isolated compute utilizes dedicated resources that are not shared with other customers. This isolation minimizes data breach and unauthorized access risks, enhancing security for your Spark pools. Enabling isolated compute is crucial for maintaining high security standards, especially when handling sensitive data or running critical applications within Synapse Spark pools.
Code Example
```hcl
resource "azurerm_synapse_spark_pool" "example" {
  ...
  compute_isolation_enabled = true
}
```
Remediation
Terraform
- Resource: azurerm_synapse_spark_pool
- Arguments: compute_isolation_enabled
Enable isolated compute in your Azure Synapse Spark pool: Set the compute_isolation_enabled property to true in the pool's configuration.
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0749 |
| Severity | INFO |
| IaC Type | arm |
| Frameworks | Terraform |
| Checkov ID | CKV_AZURE_242 |