Ensure public access is disabled for Azure Healthcare Service

MEDIUM

Description

Allowing unrestricted, public access to cloud services could open an application up to external attack. Disallowing this access is typically considered best practice.

Remediation

There are several prerequisites for using private endpoints in Azure Healthcare Services. To learn more, and to find step-by-step instructions on how to prepare for private endpoints, see the Azure documentation (below). Once a private endpoint is configured, public access can be disabled for attached services.

In Terraform -

  1. In the azurerm_healthcare_service resource, set public_network_access_enabled to false.

References:
https://learn.microsoft.com/en-us/azure/healthcare-apis/healthcare-apis-configure-private-link?WT.mc_id=Portal-Microsoft_Healthcare_APIs
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/healthcare_service

Policy Details

Rule Reference ID: AC_AZURE_0226
CSP: Azure
Remediation Available: Yes
Resource Category: Analytics
Resource Type: HealthCare Service

Frameworks