Control: Azure Cache for Redis should reside within a virtual network
Description
Azure Virtual Network deployment provides enhanced security and isolation for your Azure Cache for Redis, as well as subnets, access control policies, and other features to further restrict access. When an Azure Cache for Redis instance is configured with a virtual network, it is not publicly addressable and can only be accessed from virtual machines and applications within the virtual network.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.redis_cache_in_virtual_network
Snapshot and share results via Turbot Pipes:
powerpipe login
powerpipe control run azure_compliance.control.redis_cache_in_virtual_network --share
SQL
This control uses a named query:
select
  redis.id as resource,
  case
    when subnet_id is not null then 'ok'
    else 'alarm'
  end as status,
  case
    when subnet_id is not null then redis.name || ' in virtual network.'
    else redis.name || ' not in virtual network.'
  end as reason,
  redis.resource_group as resource_group,
  sub.display_name as subscription
from
  azure_redis_cache as redis,
  azure_subscription as sub
where
  sub.subscription_id = redis.subscription_id;