Azure and GCP Perimeter Security, CIS Updates, and Enhanced Plugins →
Powerpipe Hub 
Hub
Mods
turbot/steampipe-mod-azure-compliance
Overview
16Dashboards
1651Benchmarks
486Queries
8Variables
GitHub

Control: Azure Cache for Redis should reside within a virtual network

Description

Azure Virtual Network deployment provides enhanced security and isolation for your Azure Cache for Redis, as well as subnets, access control policies, and other features to further restrict access.When an Azure Cache for Redis instance is configured with a virtual network, it is not publicly addressable and can only be accessed from virtual machines and applications within the virtual network.

Usage

Run the control in your terminal:

powerpipe control run azure_compliance.control.redis_cache_in_virtual_network

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run azure_compliance.control.redis_cache_in_virtual_network --share

SQL

This control uses a named query:

select
  redis.id as resource,
  case
    when subnet_id is not null then 'ok'
    else 'alarm'
  end as status,
  case
    when subnet_id is not null then redis.name || ' in virtual network.'
    else redis.name || ' not in virtual network.'
  end as reason
  
  , redis.resource_group as resource_group
  , sub.display_name as subscription
from
  azure_redis_cache as redis
  left join azure_subscription as sub on sub.subscription_id = redis.subscription_id;

Tags

service = Azure/Redis