Control: Log Analytics workspaces should block log ingestion and querying from public networks
Description
Improve workspace security by blocking log ingestion and querying from public networks. Only private-link connected networks will be able to ingest and query logs on this workspace. Learn more at https://aka.ms/AzMonPrivateLink\#configure-log-analytics.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.log_analytics_workspace_block_log_ingestion_and_querying_from_public
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.log_analytics_workspace_block_log_ingestion_and_querying_from_public --share
SQL
This control uses a named query:
log_analytics_workspace_block_log_ingestion_and_querying_from_public