💼 9.3.7 Ensure that Public Network Access when using Private Endpoint is disabled (Automated)
- Contextual name: 💼 9.3.7 Ensure that Public Network Access when using Private Endpoint is disabled (Automated)
- ID: /frameworks/cis-azure-v4.0.0/09/03/07
- Located in: 💼 9.3 Key Vault
Description
When a Private endpoint is configured on a Key Vault, connections from Azure resources within the same subnet will use its private IP address. However, network traffic from the public internet can still connect to the Key Vault's public endpoint (mykeyvault.vault.azure.net) using its public IP address unless Public network access is set to “Disabled”.
Setting the Public network access to “Disabled” with a Private Endpoint will remove the Vault's public endpoint from Azure public DNS, reducing its exposure to the public internet. Network traffic will use the Vault private endpoint IP address for all requests (mykeyvault.vault.privatelink.azure.net).
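The following audit check is an added example, not part of the benchmark text or of this page's own tooling. It evaluates Key Vault resource JSON for the condition described above, reading `properties.publicNetworkAccess` and `privateEndpointConnections` as they appear in `az keyvault show` output or a raw ARM response; the sample vaults, the function names, and the treatment of missing values and non-approved endpoints are assumptions.

```python
import json

# Constructed sample input (not real vaults), shaped like `az keyvault show` JSON.
VAULTS = json.loads("""
[
 {"name": "kv-a", "properties": {"publicNetworkAccess": "Disabled",
   "privateEndpointConnections": [{"privateLinkServiceConnectionState": {"status": "Approved"}}]}},
 {"name": "kv-b", "properties": {"publicNetworkAccess": "Enabled",
   "privateEndpointConnections": [{"properties": {"privateLinkServiceConnectionState": {"status": "Approved"}}}]}},
 {"name": "kv-c", "properties": {
   "privateEndpointConnections": [{"privateLinkServiceConnectionState": {"status": "Approved"}}]}},
 {"name": "kv-d", "properties": {"publicNetworkAccess": "Enabled", "privateEndpointConnections": null}},
 {"name": "kv-e", "properties": {"publicNetworkAccess": "Enabled",
   "privateEndpointConnections": [{"privateLinkServiceConnectionState": {"status": "Pending"}}]}}
]
""")


def approved_endpoints(vault):
    """Count private endpoint connections in the Approved state."""
    conns = (vault.get("properties") or {}).get("privateEndpointConnections") or []
    count = 0
    for conn in conns:
        # CLI output puts the state on the connection; raw ARM nests it under "properties".
        state = (conn.get("privateLinkServiceConnectionState")
                 or (conn.get("properties") or {}).get("privateLinkServiceConnectionState")
                 or {})
        if str(state.get("status", "")).lower() == "approved":
            count += 1
    return count


def audit(vault):
    """Return PASS, FAIL or NOT_APPLICABLE for one vault."""
    if approved_endpoints(vault) == 0:
        return "NOT_APPLICABLE"  # assumption: control applies only with an approved endpoint
    access = (vault.get("properties") or {}).get("publicNetworkAccess")
    # Assumption: a missing value is treated as not disabled, so it fails.
    return "PASS" if str(access or "").lower() == "disabled" else "FAIL"


def audit_all(vaults):
    """Map each vault name to its audit result."""
    return {v["name"]: audit(v) for v in vaults}


if __name__ == "__main__":
    for name, result in audit_all(VAULTS).items():
        print(f"{name}: {result}")
```
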
Policies (1)