Add ADF outbound access control via Azure Policy to prevent data exfiltration#229
Draft
SvenAelterman with Copilot wants to merge 2 commits into
Draft
Add ADF outbound access control via Azure Policy to prevent data exfiltration#229SvenAelterman with Copilot wants to merge 2 commits into
SvenAelterman with Copilot wants to merge 2 commits into
Conversation
Assigns the built-in Azure Policy '3d02a511-74e5-4dab-a5fd-878704d4a61a'
('[Preview]: Azure Data Factory pipelines should only communicate with
allowed domains') to prevent data exfiltration by restricting ADF
pipeline outbound traffic to the storage accounts referenced in pipelines
(private, public, and airlock) plus the Key Vault used for linked service
connection strings.
- adf.bicep: Add allowedStorageAccountNames parameter, compute allowed
domain names (blob/dfs/file endpoints per account + KV FQDN), create
policy assignment resource with Deny effect
- main.bicep: Pass public and airlock storage account names to adfModule;
add airlockStorageAccountNameForPolicy variable to avoid circular dependency
with centralizedModule
Agent-Logs-Url: https://github.com/Azure/HubAndSpokeResearchEnclave/sessions/58fbf88c-7835-43e4-9cc1-37f48d77fd6c
Co-authored-by: SvenAelterman <17446043+SvenAelterman@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Add support for outbound access control with Data Factory
Add ADF outbound access control via Azure Policy to prevent data exfiltration
Mar 27, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Data Factory has no restriction on which external domains its pipelines can communicate with, enabling potential data exfiltration. This adds enforcement via the built-in Azure Policy
3d02a511-74e5-4dab-a5fd-878704d4a61a("[Preview]: Azure Data Factory pipelines should only communicate with allowed domains") withDenyeffect.adf.bicepallowedStorageAccountNamesparameter (array, default[]) for storage accounts beyond the private storage accountblob,dfs, andfileendpoints for every storage account in scope, plus the Key Vault used by the linked service (usingenvironment().suffixes.keyvaultDns)Microsoft.Authorization/policyAssignmentsresource scoped to the resource groupmain.bicepadfModuleviaallowedStorageAccountNamesairlockStorageAccountNameForPolicyto resolve the airlock account name without creating a circular dependency throughcentralizedModule(which itself depends onadfModule.outputs.principalId). For centralized review, the name is extracted fromcentralAirlockResources.storageAccountId; for spoke-local review, the module output is used directly.Warning
Firewall rules blocked me from connecting to one or more addresses (expand for details)
I tried to connect to the following addresses, but was blocked by firewall rules:
aka.ms/usr/local/bin/bicep bicep lint research-spoke/spoke-modules/airlock/adf.bicep(dns block)/usr/local/bin/bicep bicep lint research-spoke/spoke-modules/airlock/main.bicep(dns block)learn.microsoft.com/home/REDACTED/work/_temp/ghcca-node/node/bin/node /home/REDACTED/work/_temp/ghcca-node/node/bin/node --enable-source-maps /home/REDACTED/work/_temp/copilot-developer-action-main/dist/index.js(dns block)If you need me to access, download, or install something from one of these locations, you can either:
💬 Send tasks to Copilot coding agent from Slack and Teams to turn conversations into code. Copilot posts an update in your thread when it's finished.