Databricks workspaces should have Secure Cluster Connectivity (No Public IP) enabled

azure

Description

Ensure that Azure Databricks workspaces have the “No Public IP” feature enabled. When enabled, cluster nodes are not assigned public IP addresses, reducing the attack surface by preventing direct internet connectivity to compute resources.

Remediation

Deploy Databricks workspaces with Secure Cluster Connectivity (No Public IP) enabled. For existing workspaces, redeploy with the enableNoPublicIp parameter set to true. See Enable secure cluster connectivity.