Microsoft managed storage accounts triggering defender rules
Janne Kujanpää
236
Reputation points
Databricks managed storage accounts are again triggering some Defender rules:
Following rules are triggered by databricks managed storage accounts
- Storage account should use a private link connection
- Storage accounts should restrict network access using virtual network rules
Exemption cannot be added because resource group has deny assignment => the policy itself should ignore storage account managed by Microsoft/Databricks to avoid false positives.
Is there any workarounds for this while waiting policy fixes?
If anyone has contact with team writing those policies, please let them know. Otherwise, I'll just wait for policies being GAd and create support ticket(s).
Sign in to answer