Ensure public IP addresses are not assigned to Azure Linux Virtual Machines

HIGH

Description

Allowing unrestricted, public access to cloud services could open an application up to external attack. Disallowing this access is typically considered best practice.

Remediation

In Azure Console -

  1. Open the Azure Portal and go to Virtual Machines.
  2. Choose the virtual machine to edit.
  3. Under Settings, select Networking, then click on the Network Interface.
  4. In the Networking section, under Settings, select IP configurations.
  5. Select the interface, then choose Disassociate under Public IP address.
  6. Select Save. Note: This does not delete the IP address reservation; to do this, continue below.
  7. In the search bar, search for Public IP addresses and go to the corresponding section.
  8. Choose the public IP address reservation that was assigned to the interface.
  9. Select Delete.

In Terraform -

  1. For each azurerm_linux_virtual_machine resource, find the corresponding azurerm_network_interface resource.
  2. Remove the public_ip_address_id field.
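
The following Terraform fragment is an added example, not code from the original page or from the rule's author; it shows the configuration this rule flags next to the corrected form. Resource names such as `azurerm_resource_group.example` and `azurerm_subnet.example` are assumed to exist elsewhere in the module. In the azurerm provider the `public_ip_address_id` argument lives inside the network interface's `ip_configuration` block, so that is where it is removed; the `azurerm_public_ip` resource is dropped as well, which matches console steps 7 to 9 (disassociating alone would leave the address reservation in place).

```hcl
# --- Before: flagged by AC_AZURE_0109 ---------------------------------------
# A public IP reservation exists and is attached to the NIC that the Linux VM uses.
resource "azurerm_public_ip" "web" {
  name                = "web-pip"
  location            = azurerm_resource_group.example.location # assumed resource group
  resource_group_name = azurerm_resource_group.example.name
  allocation_method   = "Static"
}

resource "azurerm_network_interface" "web_flagged" {
  name                = "web-nic"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  ip_configuration {
    name                          = "internal"
    subnet_id                     = azurerm_subnet.example.id # assumed subnet
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.web.id # <- exposes the VM directly to the internet
  }
}

# --- After: compliant --------------------------------------------------------
# Same NIC, private address only. No azurerm_public_ip resource is declared,
# so neither the association nor the reservation is created.
resource "azurerm_network_interface" "web" {
  name                = "web-nic"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  ip_configuration {
    name                          = "internal"
    subnet_id                     = azurerm_subnet.example.id
    private_ip_address_allocation = "Dynamic"
    # public_ip_address_id intentionally omitted
  }
}

resource "azurerm_linux_virtual_machine" "web" {
  name                = "web-vm"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  size                = "Standard_B1s"
  admin_username      = "azureuser"

  # The VM references only the private-only NIC above.
  network_interface_ids = [azurerm_network_interface.web.id]

  admin_ssh_key {
    username   = "azureuser"
    public_key = file("~/.ssh/id_rsa.pub") # assumed key path
  }

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "0001-com-ubuntu-server-jammy"
    sku       = "22_04-lts"
    version   = "latest"
  }
}
```

After applying the change, `terraform plan` should show the `azurerm_public_ip` resource being destroyed and the NIC's `ip_configuration` updated in place; any administrative access the public address provided (for example SSH) then needs to come through a private path such as Azure Bastion, a VPN, or a jump host inside the virtual network.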

References:
https://learn.microsoft.com/en-us/azure/virtual-network/network-overview?context=%2Fazure%2Fvirtual-machines%2Fcontext%2Fcontext#network-interfaces
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface

Policy Details

Rule Reference ID: AC_AZURE_0109
CSP: Azure
Remediation Available: No
Resource Category: Compute
Resource Type: Virtual Machine

Frameworks