Ensure that the attribute 'permissive_output_firewall_rules' in Defender for IoT is not set to false

MEDIUM

Description

Allowing overly permissive outbound traffic could lead to unauthorized access to the IoT Hub.

Remediation

In Azure Console -

  1. Go to Azure IoT Hub.
  2. Choose an IoT Hub to edit.
  3. In Defender for IoT, choose Settings.
  4. Click on the Recommendation Configuration and choose the Permissive output firewall rules recommendation.
  5. Click Enable.

In Terraform -

  1. In the azurerm_iot_security_solution resource, set recommendations_enabled.permissive_output_firewall_rules to true.
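
The Terraform setting above, shown as an added example (not taken from the provider documentation or the policy source) with the flagged value beside the corrected one. All resource names, the location and the SKU are constructed placeholders, and the two security solutions are alternatives for comparison, not meant to be deployed together.

```hcl
# Constructed example: names, location and SKU are placeholders.
resource "azurerm_resource_group" "example" {
  name     = "example-rg"
  location = "West Europe"
}

resource "azurerm_iothub" "example" {
  name                = "example-iothub"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location

  sku {
    name     = "S1"
    capacity = 1
  }
}

# Non-compliant: the recommendation is explicitly disabled, so
# AC_AZURE_0098 flags this resource.
resource "azurerm_iot_security_solution" "noncompliant" {
  name                = "example-solution-flagged"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  display_name        = "IoT security solution (flagged)"
  iothub_ids          = [azurerm_iothub.example.id]

  recommendations_enabled {
    permissive_output_firewall_rules = false
  }
}

# Compliant: Defender for IoT reports permissive outbound firewall rules.
resource "azurerm_iot_security_solution" "compliant" {
  name                = "example-solution"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  display_name        = "IoT security solution"
  iothub_ids          = [azurerm_iothub.example.id]

  recommendations_enabled {
    permissive_output_firewall_rules = true
  }
}
```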

References:
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/iot_security_solution#permissive_output_firewall_rules

Policy Details

Rule Reference ID: AC_AZURE_0098
CSP: Azure
Remediation Available: Yes
Resource Category: Management
Resource Type: IoT Hub

Frameworks