Terraform Public Network Enabled True
Description
Identifies Azure Data Factory resources configured with unrestricted public network access. This configuration could allow access from any IP address, potentially exposing the data factory to unauthorized access from the internet.
Detection Strategy
• Scans Terraform configuration files for Azure Data Factory resource definitions
• Checks if public network access is explicitly enabled or if network access restrictions are missing
• Reports a vulnerability when an Azure Data Factory is found without proper network access restrictions
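The check described above can be sketched as a small static scanner. This is an added example, not Fluid Attacks' implementation or code from the original page: the sample configuration is constructed, the function names are hypothetical, and it assumes the azurerm provider treats an omitted public_network_enabled as true, so a missing attribute is reported as well.

```python
import re

# Constructed sample input (not from the page's repository).
SAMPLE_TF = '''
resource "azurerm_data_factory" "open" {
  name                   = "example-df"
  public_network_enabled = true
}

resource "azurerm_data_factory" "implicit" {
  name = "example-df2"
  tags = { env = "dev" }
}

resource "azurerm_data_factory" "closed" {
  name                   = "example-df3"
  public_network_enabled = false
}
'''

RESOURCE_RE = re.compile(r'resource\s+"azurerm_data_factory"\s+"([^"]+)"\s*\{')
ATTR_RE = re.compile(r'^\s*public_network_enabled\s*=\s*(\S+)', re.MULTILINE)

def block_body(text, start):
    """Return the block text from `start` (just past '{') to the matching '}'.
    Simplification: braces inside strings or comments are not handled."""
    depth = 1
    for i in range(start, len(text)):
        depth += {'{': 1, '}': -1}.get(text[i], 0)
        if depth == 0:
            return text[start:i]
    raise ValueError("unbalanced braces in resource block")

def find_public_data_factories(text):
    """Return (name, line, reason) for each Data Factory not closed to the public network."""
    findings = []
    for m in RESOURCE_RE.finditer(text):
        attr = ATTR_RE.search(block_body(text, m.end()))
        line = text.count('\n', 0, m.start()) + 1
        if attr is None:
            # Assumption: the azurerm provider defaults this attribute to true.
            findings.append((m.group(1), line, "public_network_enabled not set"))
        elif attr.group(1).lower() != 'false':
            # Anything not literally false (true, or an unresolved expression) is reported.
            findings.append((m.group(1), line, "public_network_enabled = " + attr.group(1)))
    return findings

if __name__ == "__main__":
    for name, line, reason in find_public_data_factories(SAMPLE_TF):
        print(f"line {line}: azurerm_data_factory.{name}: {reason}")
```

A regex scan like this only sees literal values in one file; values passed through variables or modules need the resolved plan (for example the JSON output of terraform show) to be evaluated reliably.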
Vulnerable code example
resource "azurerm_data_factory" "example" {
  name                   = "example-df"
  location               = "eastus"
  resource_group_name    = "example-rg"
  public_network_enabled = true # Security risk: Exposes Data Factory to public internet access
}
Secure code example
resource "azurerm_data_factory" "example" {
  name                = "example-df"
  location            = "eastus"
  resource_group_name = "example-rg"
  # Disable public network access for improved security
  public_network_enabled = false
}