Ensure Azure Virtual Machine disks are configured without public network access
Description
This policy checks whether Azure Virtual Machine disks are configured to allow public network access. Public access to VM disks can pose a security risk by potentially exposing sensitive data. It is essential to restrict access to VM disks to prevent unauthorized access. By ensuring public network access is disabled, you can help protect your Azure resources from potential security threats.
Code Example
```terraform
resource "azurerm_managed_disk" "example" {
  # Other required disk arguments (name, location, and so on) are omitted here.
  public_network_access_enabled = false
}
```
Remediation
Ensure the Azure Virtual Machine disk does not allow public network access by setting the public_network_access_enabled property to false.
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0758 |
| Severity | MEDIUM |
| IaC Type | Terraform |
| Frameworks | azurerm_managed_disk |
| Checkov ID | CKV_AZURE_251 |