Azure Databricks Clusters should disable public IP
HIGH
Ensures Azure Databricks cluster nodes do not have public IP addresses assigned.
What does this mean?
This recommendation ensures that Azure Databricks cluster nodes are deployed without public IP addresses. Public IPs on cluster nodes expose them directly to the internet, increasing the attack surface.
Benefits of implementation
- Eliminates direct internet exposure of Databricks cluster nodes
- Reduces the attack surface of data processing infrastructure
- Aligns with network security best practices
Drawbacks and considerations
- Requires NAT gateway or similar for outbound internet access
- More complex network architecture
- May affect library installation from public repositories
Implementation
Implementation guidance coming soon.
Related recommendations
Related recommendations will be linked here.
Frameworks
Details
- Risk Level
- HIGH
- Category
- Databricks
- Azure Resource
- Frameworks
- 1 frameworks
- Last updated
- 2026-02-12