Best practice rules for Databricks
- Azure Databricks Workspace Data Encrypted with Customer-Managed Keys
Use Customer-Managed Keys (CMKs) to encrypt your Azure Databricks workspace data.
- Check for Virtual Network (VNet) Injection
Ensure that Virtual Network (VNet) injection is enabled to your Azure Databricks workspaces.
- Disable Public Network Access
Ensure that public network access to Azure Databricks workspaces is disabled.
- Enable Secure Cluster Connectivity
Ensure that secure cluster connectivity is enabled for your Azure Databricks workspaces.
- Use Network Security Groups
Ensure that your Azure Databricks workspaces are using Network Security Groups (NSGs) for traffic control.
- Use Private Endpoints for Azure Databricks Workspaces
Ensure that network access to Azure Databricks workspaces is allowed via private endpoints only.