standard
turbot/azure_compliance

Trigger: Detect & correct Cosmos DB accounts with virtual network filter disabled

Detect Cosmos DB accounts with virtual network filter disabled.

Query

select
concat(
a.id,
' [',
a.subscription_id,
'/',
a.resource_group,
']'
) as title,
a.id as id,
subscription_id,
_ctx ->> 'connection_name' as conn
from
azure_cosmosdb_account as a
where
public_network_access = 'Enabled'
and is_virtual_network_filter_enabled = 'false';

Schedule

15m

Tags

category = Compliance
plugin = azure
service = Azure/CosmosDB