How to resolve Sprinto check for protecting Azure Cosmos DB Public Access
About
Sprinto Check: Azure Cosmos DB Protected from Public Access
Sprinto introduces a dedicated check to ensure the secure configuration of Azure Cosmos DB, preventing unauthorized public access. Protecting Azure Cosmos DB from public exposure is essential for safeguarding sensitive data and maintaining a robust security posture.
Purpose
Securing Azure Cosmos DB from public access helps mitigate the risk of unauthorized access, potential data breaches, and other security vulnerabilities. Restricting access to authorized entities ensures the confidentiality and integrity of your Cosmos DB resources.
How to resolve
To resolve the check, follow the steps below to configure Azure Cosmos DB and restrict public access:
Before you Begin
Ensure you have the necessary permissions to configure Azure Cosmos DB settings.
Log in to the Azure portal as an administrator.
Configure Network Security
Navigate to the Azure portal.
Go to Cosmos DB and select the appropriate Cosmos DB account.
In the Cosmos DB account menu, select Firewalls and virtual networks.
Set the Allow access from option to Selected networks.
Add the necessary networks or IP ranges that should have access. Be specific with IP ranges, avoiding open access from all networks (0.0.0.0/0).
Ensure that the option Allow access to Azure services is configured according to your requirements.
Save the changes.
Securing Azure Cosmos DB from public access is a critical step in protecting your data and ensuring compliance with security best practices. Sprinto will verify the configuration, marking the Cosmos DB Public Access Protection check status as "Passing."
If you have any questions or require assistance with the Sprinto check for Azure Cosmos DB, please get in touch with Sprinto support. We're here to assist you!