azure-storsync-public-ingress¶
Ensure that Azure File Sync disables public network access
It is recommended to disable the public endpoints for Azure Files and File Sync in order to protect the your data from unauthorized access due to misconfigurations. Please note that, by default, creating a private endpoint does not block connections to the public endpoint.
Examples¶
Insecure Example
resource "azurerm_storage_sync" "test" {
name = "example-storage-sync"
resource_group_name = azurerm_resource_group.test.name
location = azurerm_resource_group.test.location
incoming_traffic_policy = "AllowAllTraffic" # (default value is AllTraffic)
}
Secure Example
resource "azurerm_storage_sync" "test" {
name = "example-storage-sync"
resource_group_name = azurerm_resource_group.test.name
location = azurerm_resource_group.test.location
incoming_traffic_policy = "AllowVirtualNetworksOnly"
}