Feature - Security rules for OSDU Infrastructure - Network

Done Infra Relation Rule
!740 (merged) NETWORK Ensure keyvault is recoverable 
!825 (merged) NETWORK Ensure that public network access is disabled for Azure Key Vaults 
!843 (merged) NETWORK Ensure that Azure CosmosDB does not allow access from all networks 
!776 (merged) NETWORK Ensure that public network access is disabled in Redis Cache 
!776 (merged) NETWORK Ensure that Redis Cache uses private link 
!620 (merged) #218 (closed) NETWORK Ensure that Azure Kubernetes Service Private Clusters is enabled 
!825 (merged) NETWORK Ensure that Azure Key Vaults use Private Links
NETWORK Ensure that Postgres DB uses Private Links
NETWORK Ensure that Storage Accounts use Private Links
!879 (merged) NETWORK Ensure that Event Grid uses Private Links
  • All changes must be well documented, including whether downtime is to be expected
  • TF scripts should work without errors in greenfield environments
  • If a TF brownfield apply involves any migration or downtime, this must be documented
  • Check if Cosmos/resource backup policies are affected by private endpoints
Edited by Arturo Hernandez [EPAM]