Microsoft-managed storage accounts triggering Defender rules

Janne Kujanpää 236 Reputation points
2023-03-29T09:33:42.1533333+00:00

Databricks managed storage accounts are again triggering some Defender rules:

The following rules are triggered by Databricks managed storage accounts:

  • Storage account should use a private link connection
  • Storage accounts should restrict network access using virtual network rules

An exemption cannot be added because the resource group has a deny assignment => the policy itself should ignore storage accounts managed by Microsoft/Databricks to avoid false positives.

Are there any workarounds for this while waiting for policy fixes?

If anyone has contact with the team writing those policies, please let them know. Otherwise, I'll just wait for the policies to be GA'd and create support ticket(s).
