Ensure IP addresses are masked in the logs for IoT Hub

LOW

Description

IP addresses are considered personal data, and logging unmasked IP addresses poses privacy risks for users and IoT devices.

Remediation

In Azure Console -

  1. Go to Azure IoT Hub.
  2. Choose an IoT Hub to edit.
  3. In Defender for IoT, choose Settings.
  4. Click Recommendation Configuration and choose the Log Unmasked IPS enabled recommendation.
  5. Click Enable.

In Terraform -

  1. In the azurerm_iot_security_solution resource, set recommendations_enabled.log_unmasked_ips_enabled to true.

References:
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/iot_security_solution#log_unmasked_ips_enabled

Policy Details

Rule Reference ID: AC_AZURE_0096
CSP: Azure
Remediation Available: Yes
Resource Category: Management
Resource Type: IoT Hub

Frameworks