Benchmark: 5.4 Azure Cosmos DB
Overview
This section covers security best practice recommendations for Azure Cosmos DB Database Servers.
Azure Product Page: https://azure.microsoft.com/en-us/products/cosmos-db/
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 5.4 Azure Cosmos DB.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.cis_v300_5_4Snapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.cis_v300_5_4 --shareControls
- 5.4.1 Ensure That 'Firewalls & Networks' Is Limited to Use Selected Networks Instead of All Networks
- 5.4.2 Ensure That Private Endpoints Are Used Where Possible
- 5.4.3 Use Entra ID Client Authentication and Azure RBAC where possible