Best practice rules for CosmosDB
Trend Micro Cloud One™ – Conformity monitors CosmosDB with the following rules:
- Enable Advanced Threat Protection
Ensure that Advanced Threat Protection is enabled for all Microsoft Azure Cosmos DB accounts.
- Enable Automatic Failover
Enable automatic failover for Microsoft Azure Cosmos DB accounts.
- Restrict Default Network Access for Azure Cosmos DB Accounts
Ensure that default network access (i.e. public access) is denied within your Azure Cosmos DB accounts configuration.