Policy: Azure > CIS v5.0 > 2 - Analytics Services > 2.01 - Azure Databricks > 2.01.01 - Ensure that Azure Databricks is deployed in a customer-managed virtual network (VNet)
Configures auditing against a CIS Benchmark item.
Level: 2
Azure Databricks has a default deployment model where all resources are deployed in a locked resource group. Optionally, you can configure your workspace with custom virtual network (VNet) injection, which enables customers to deploy workspaces in their own virtual networks, providing better network isolation.
Deploying Databricks within a customer-managed VNet allows for: - Better network isolation and integration with on-premises resources - More granular control over network traffic - Ability to apply custom network security policies - Integration with existing Azure networking resources
Targets
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Controls
Setting this policy configures this control:
Policy Specification
Schema Type | |
|---|---|
Default | |
Valid Values [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/cis#/control/categories/cis
- tmod:@turbot/azure-cisv5-0#/policy/types/r020101
- turbot graphql policy-type --id "tmod:@turbot/azure-cisv5-0#/policy/types/r020101"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-cisv5-0#/policy/types/r020101"
Get Policy TypeGet Policy Settings