Data Factory should have public access disabled, the default is enabled.
Default Severity: critical
Explanation
Data Factory has public access set to true by default.
Disabling public network access is applicable only to the self-hosted integration runtime, not to Azure Integration Runtime and SQL Server Integration Services (SSIS) Integration Runtime.
Possible Impact
Data factory is publicly accessible
Suggested Resolution
Set public access to disabled for Data Factory
Insecure Example
The following example will fail the azure-datafactory-no-public-access check.
resource "azurerm_data_factory" "bad_example" {
name = "example"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
}
Secure Example
The following example will pass the azure-datafactory-no-public-access check.
resource "azurerm_data_factory" "good_example" {
name = "example"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
public_network_enabled = false
}