Ensure only whitelisted IPs can use Azure Search Service

MEDIUM

Description

The Azure Search Service does not have a list of IPs that are allowed to access it, which may leave it open to malicious actors.

Remediation

In Azure Console -

  1. Open the Azure Portal and go to Cognitive Search.
  2. Select the Cognitive Search service you wish to edit.
  3. Under Settings, select Networking.
  4. Set Public Network Access to Selected Networks, then add a list of allowed IPs.
  5. Configure Private network access as needed.

In Terraform -

  1. In the azurerm_search_service resource, set allowed_ips to a list of allowed IPs.
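The Terraform step above, shown as a non-compliant resource beside a corrected one. This is an added example, not code from the policy page or the provider documentation; the resource names, resource group, location, variable name and IP ranges (documentation address space) are constructed placeholders, and the variable validation is an extra guard assumed here.

```hcl
# Constructed example: all names, the location and the IP ranges are placeholders.

# Non-compliant: allowed_ips is not set, so the service has no IP allow list.
resource "azurerm_search_service" "open" {
  name                = "example-search-open"
  resource_group_name = "example-rg"
  location            = "westeurope"
  sku                 = "standard"
}

# Allow list kept in a variable so it can be reviewed and validated in one place.
variable "search_allowed_ips" {
  description = "IPv4 addresses or CIDR ranges allowed to reach the search service"
  type        = list(string)
  default     = ["203.0.113.0/24", "198.51.100.10"]

  # Added guard (assumption of this example): reject an empty list and
  # catch-all entries, which would defeat the purpose of the allow list.
  validation {
    condition = length(var.search_allowed_ips) > 0 && alltrue([
      for ip in var.search_allowed_ips : !contains(["0.0.0.0", "0.0.0.0/0"], ip)
    ])
    error_message = "Provide at least one specific IP or CIDR; catch-all ranges are not accepted."
  }
}

# Compliant: only the listed addresses pass the service firewall.
resource "azurerm_search_service" "restricted" {
  name                = "example-search-restricted"
  resource_group_name = "example-rg"
  location            = "westeurope"
  sku                 = "standard"

  # allowed_ips filters the public endpoint, so public access stays enabled
  # here; private endpoints are configured separately (console step 5).
  public_network_access_enabled = true
  allowed_ips                   = var.search_allowed_ips
}
```

Running `terraform plan` against the second resource should show `allowed_ips` populated with the reviewed list before the change is applied.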

References:
https://learn.microsoft.com/en-us/azure/search/search-what-is-azure-search
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/search_service#allowed_ips

Policy Details

Rule Reference ID: AC_AZURE_0420
CSP: Azure
Remediation Available: Yes
Resource Category: Analytics
Resource Type: Search Service

Frameworks