Databricks workspaces should have NSGs configured on their subnets

azure
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください

Description

Ensure that Network Security Groups (NSGs) are configured on the private and public subnets used by Azure Databricks workspaces deployed in a custom virtual network. NSGs provide network-level filtering of inbound and outbound traffic to control access to Databricks compute resources.

This rule only applies to workspaces deployed in a custom virtual network (VNet injection) and checks the two subnets identified by customPrivateSubnetName and customPublicSubnetName. Workspaces using the default managed VNet are skipped.

Remediation

Assign a Network Security Group to each Databricks subnet. See Azure network security groups overview and Deploy Azure Databricks in your Azure virtual network (VNet injection).