Policy Settings
The Enforce Azure Cosmos DB Database Accounts Are Accessible to Selected Networks policy pack has 5 policy settings:
Policy | Setting | Note |
---|---|---|
Azure > Cosmos DB > Database Account > Firewall | Check: Allow only approved virtual networks and IP ranges | |
Azure > Cosmos DB > Database Account > Firewall > IP Ranges > Required | Check: Required > Items | |
Azure > Cosmos DB > Database Account > Firewall > IP Ranges > Required > Items | - "45.127.45.223" - "45.127.45.221" | |
Azure > Cosmos DB > Database Account > Firewall > Virtual Networks > Required | Check: Required > Items | |
Azure > Cosmos DB > Database Account > Firewall > Virtual Networks > Required > Items | - "/subscriptions/1234ae5d-678b-901d-2f34-56b7890fc1c2/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVirtualNetwork/subnets/mySubnet" |