---
names:
  full: "Azure Virtual Machine allows public access to HTTP(S) ports"
  contextual: "Virtual Machine allows public access to HTTP(S) ports"
description: >
  Ensure that Azure Virtual Machines do not allow unrestricted public access to 
  the HTTP/HTTPS ports 80 and 443. Where certain ports and protocols may be 
  exposed to the Internet, they should be evaluated for necessity and restricted 
  wherever they are not explicitly required.
categories:
  - "SECURITY"
type: "COMPLIANCE_POLICY"
frameworkMappings:
  - "/frameworks/cloudaware/resource-security/network-exposure"