Control: Azure > CIS v3.0 > 05 - Database Services > 05.04 - Azure Cosmos DB > 05.04.01 - Ensure That 'Firewalls & Networks' Is Limited to Use Selected Networks Instead of All Networks

Configures auditing against a CIS Benchmark item.

Level: 2

Limiting your Cosmos DB to only communicate on whitelisted networks lowers its attack footprint.

Selecting certain networks for your Cosmos DB to communicate restricts the number of networks including the internet that can interact with what is stored within the database.

Resource Types

This control targets the following resource types:

Azure > Cosmos DB > Database Account

In Your Workspace

Developers

Control Type URI

tmod:@turbot/azure-cisv3-0#/control/types/r050401

Category URI

tmod:@turbot/cis#/control/categories/v071401

GraphQL

query controlType(id: "tmod:@turbot/azure-cisv3-0#/control/types/r050401") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/azure-cisv3-0#/control/types/r050401'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv3-0#/control/types/r050401"