Control: Cognitive Services accounts should restrict network access
Network access to Cognitive Services accounts should be restricted. Configure network rules so only applications from allowed networks can access the Cognitive Services account. To allow connections from specific internet or on-premises clients, access can be granted to traffic from specific Azure virtual networks or to public internet IP address ranges.
Run the control in your terminal:
steampipe check terraform_azure_compliance.control.cognitive_account_restrict_public_access
Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share terraform_azure_compliance.control.cognitive_account_restrict_public_access
This control uses a named query:cognitive_account_restrict_public_access