Ensure SaltStack Master (TCP:4506) is not exposed to public for Azure Network Security Rule
MEDIUM
Description
SaltStack Master (TCP:4506) is exposed to public for Azure Network Security Rule.
Remediation
Configure Network Security Rule for port 4506 to ensure it is not exposed to public. In console -
In settings of NSG select Inbound security rules.
Use Add button here to add security rules.
Create security rules for any application, port range, ip range. In terraform - Set the value of 'access' to [allow | deny]. Set the value of 'direction' to 'inbound'. Set the value of 'source_address_prefix' to an IP address or a range of IP addresses. These network security rules in controlling inbound connections to your resources in Azure.