Risk Level: Medium
Cloud Entity: Azure Cosmos DB
CloudGuard Rule ID: D9.AZU.NET.64
Covered by Spectral: Yes
Category: Database

GSL LOGIC

CosmosDbAccount should not have privateEndpointConnections isEmpty()

REMEDIATION

From Portal

Go to 'Azure Cosmos DB' and choose your Cosmos DB account.
Select 'Private Endpoint Connections' on the navigation menu.
Select 'Create a private endpoint' and complete the wizard.
Review and create.

Note: Configuring a Private Endpoint requires additional configurations, please check the documentation for further instructions on how to create a private endpoint using TF / Azure CLI.

References

Azure Cosmos DB

Azure Cosmos DB is a fully managed database service with turnkey global distribution and transparent multi-master replication. You can run globally distributed, low-latency operational and analytics workloads and AI on transactional data within your database.

Compliance Frameworks

Azure CIS Foundations v. 1.5.0
Azure CIS Foundations v.2.0
Azure CloudGuard Best Practices
Azure NIST 800-53 Rev 5
CloudGuard Azure All Rules Ruleset