Control: SQL servers should restrict public network access

Description

Azure SQL servers should be configured to restrict public network access through firewall rules, virtual network rules, private endpoints, or by disabling public network access entirely.

Usage

Run the control in your terminal:

powerpipe control run azure_perimeter.control.sql_server_restrict_public_network_access

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run azure_perimeter.control.sql_server_restrict_public_network_access --share

Steampipe Tables

azure_sql_server

azure_subscription

SQL

  select
    s.id as resource,
  case
    when public_network_access = 'Disabled' then 'ok'
    else 'alarm'
  end as status,
  case
    when public_network_access = 'Disabled' then s.name || ' has public network access disabled.'
    else s.name || ' has public network access enabled.'
  end as reason
  
  , s.resource_group as resource_group
  , sub.display_name as subscription
from
  azure_sql_server s,
  azure_subscription sub
where
  sub.subscription_id = s.subscription_id;

Control: SQL servers should restrict public network access

Description

Usage

Steampipe Tables

SQL

Tags