- Disable Public Network Access to Azure AI Foundry Instances
Ensure that public network access (i.e., all network access) to Microsoft Azure AI Foundry instances is disabled in order to enhance security by preventing unauthorized access.
When an Azure AI Foundry instance is publicly accessible, all networks, including the Internet, can access the instance, increasing the risk of unauthorized access, potential security breaches, and compliance violations. To limit access to selected, trusted networks, you must configure network access rules for your AI Foundry instances. This allows authorized traffic from selected networks only or from trusted IP addresses, preventing unauthorized access attempts and protecting your AI workloads and data.
Audit
To determine whether public network access to your Azure AI Foundry instances is restricted, perform the following operations:
Using Azure Console
01 Sign in to the Microsoft Azure Portal.
02 Navigate to All resources blade available at https://portal.azure.com/#browse/all to access all your Microsoft Azure cloud resources.
03 Choose the Azure subscription that you want to access from the Subscription equals all filter box and choose Apply.
04 From the Type equals all filter box, select Type for Filter, Equals for Operator, and Azure AI Foundry for Value, then choose Apply to list the Azure AI Services (AI Foundry) instances available in the selected subscription.
05 Click on the name (link) of the AI Foundry instance that you want to examine.
06 In the resource navigation panel, under Resource Management, select Networking to access the networking configuration settings available for the selected AI Foundry instance.
07 Select the Firewalls and virtual networks tab and check the Allow access from configuration setting to determine the level of access configured for the selected AI Foundry instance. If Allow access from is set to All networks, all networks, including the Internet, can access your resource, and therefore the public network access to the selected Azure AI Foundry instance is not disabled.
Using Azure CLI
01 Run account list command (Windows/macOS/Linux) with custom output filters to list the IDs of the cloud subscriptions available in your Azure cloud account:
az account list --query '[*].id'
02 The command output should return the requested subscription identifiers (IDs):
[
  "abcdabcd-1234-abcd-1234-abcdabcdabcd",
  "abcd1234-abcd-1234-abcd-abcd1234abcd"
]
03 Run account set command (Windows/macOS/Linux) with the ID of the Azure cloud subscription that you want to examine as the identifier parameter to set the selected subscription to be the current active subscription (the command does not produce an output):
az account set --subscription abcdabcd-1234-abcd-1234-abcdabcdabcd
04 Run cognitiveservices account list command (Windows/macOS/Linux) with custom output filters to list the name and the associated resource group for each Azure AI Services (AI Foundry) instance available within the current subscription:
az cognitiveservices account list --output table --query '[?(kind==`AIServices`)].{name:name, resourceGroup:resourceGroup}'
05 The command output should return the requested AI Foundry instance identifiers:
Name                             ResourceGroup
-------------------------------  ------------------------------
cc-project5-ai-service-instance  cloud-shell-storage-westeurope
cc-project5-ai-foundry-instance  cloud-shell-storage-westeurope
06 Run cognitiveservices account show command (Windows/macOS/Linux) with the name of the Azure AI Foundry instance that you want to examine as the identifier parameter and custom output filters to determine if the public network access to the selected AI Foundry instance is disabled:
az cognitiveservices account show --name cc-project5-ai-service-instance --resource-group cloud-shell-storage-westeurope --query '{networkAcls:properties.networkAcls.defaultAction,publicNetworkAccess:properties.publicNetworkAccess}'
07 The command output should return the status of the default network access rule used by the selected instance (i.e., "networkAcls" value) and the status of the "publicNetworkAccess" setting configured for the instance:
{
  "networkAcls": "Allow",
  "publicNetworkAccess": "Enabled"
}
If the cognitiveservices account show command output returns "Allow" or null for "networkAcls" and "Enabled" for "publicNetworkAccess", as shown in the example above, all networks, including the Internet, can access your AI Foundry resource, and therefore the public network access to the selected Azure AI Foundry instance is not disabled.
Remediation / Resolution
To disable public network access to your Microsoft Azure AI Foundry instances, perform the following operations:
Using Azure Console
01 Sign in to the Microsoft Azure Portal.
02 Navigate to All resources blade available at https://portal.azure.com/#browse/all to access all your Microsoft Azure cloud resources.
03 Choose the Azure subscription that you want to access from the Subscription equals all filter box and choose Apply.
04 From the Type equals all filter box, select Type for Filter, Equals for Operator, and Azure AI Foundry for Value, then choose Apply to list the Azure AI Services (AI Foundry) instances available in the selected subscription.
05 Click on the name (link) of the AI Foundry instance that you want to configure.
06 In the resource navigation panel, under Resource Management, select Networking to access the networking configuration settings available for the selected AI Foundry instance.
07 Select the Firewalls and virtual networks tab and perform the following actions:
- For Allow access from, choose Selected Networks and Private Endpoints.
- If you want to grant access from an Azure virtual network (VNet), in the Virtual networks section, choose Add existing virtual network and select an existing virtual network with one or more VNet subnets. Choose Add to apply the changes. If you need to create a new virtual network for secure access, choose Add new virtual network and follow the setup wizard to create a new VNet for your AI Foundry instance. The VNet subnet(s) will be created with a service endpoint for 'Microsoft.CognitiveServices'.
- If you want to allow access from specific public IP addresses and IP ranges, in the Firewall section, provide an IP address range using CIDR notation (e.g., 192.168.0.0/16), or an individual IP address (e.g., 192.168.0.1) in the IP address or CIDR box under Address range. You can also add your client IP address by checking the Add your client IP address ('xxx.xxx.xxx.xxx') checkbox.
- Choose Save to apply the configuration settings.
Using Azure CLI
01 Run account list command (Windows/macOS/Linux) with custom output filters to list the IDs of the cloud subscriptions available in your Azure cloud account:
az account list --query '[*].id'
02 The command output should return the requested subscription identifiers (IDs):
[
  "abcdabcd-1234-abcd-1234-abcdabcdabcd",
  "abcd1234-abcd-1234-abcd-abcd1234abcd"
]
03 Run account set command (Windows/macOS/Linux) with the ID of the Azure cloud subscription that you want to examine as the identifier parameter to set the selected subscription to be the current active subscription (the command does not produce an output):
az account set --subscription abcdabcd-1234-abcd-1234-abcdabcdabcd
04 Run cognitiveservices account list command (Windows/macOS/Linux) with custom output filters to list the resource identifier (ID) of each Azure AI Services (AI Foundry) instance available within the current subscription:
az cognitiveservices account list --query '[?(kind==`AIServices`)].id'
05 The command output should return the requested AI Foundry instance identifiers:
[
  "/subscriptions/abcdabcd-1234-abcd-1234-abcdabcdabcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.CognitiveServices/accounts/cc-project5-ai-service-instance",
  "/subscriptions/abcdabcd-1234-abcd-1234-abcdabcdabcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.CognitiveServices/accounts/cc-project5-ai-foundry-instance"
]
06 Run resource update command (Windows/macOS/Linux) with the ID of the Azure AI Foundry instance that you want to configure as the identifier parameter, to disable public network access to the selected instance:
az resource update --ids "/subscriptions/abcdabcd-1234-abcd-1234-abcdabcdabcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.CognitiveServices/accounts/cc-project5-ai-service-instance" --set properties.networkAcls="{'defaultAction':'Deny'}" --set properties.publicNetworkAccess="Disabled"
07 The command output should return the information available for the configured AI Foundry instance:
{
  "id": "/subscriptions/abcdabcd-1234-abcd-1234-abcdabcdabcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.CognitiveServices/accounts/cc-project5-ai-service-instance",
  "identity": {
    "principalId": "abcd1234-abcd-1234-abcd-1234abcd1234",
    "tenantId": "abcd1234-abcd-1234-abcd-1234abcd1234",
    "type": "SystemAssigned"
  },
  "kind": "AIServices",
  "location": "westeurope",
  "name": "cc-project5-ai-service-instance",
  "properties": {
    "encryption": {
      "keySource": "Microsoft.KeyVault",
      "keyVaultProperties": {
        "keyName": "tm-ai-foundry-instance-key",
        "keyVaultUri": "https://tm-project5-vault.vault.azure.net",
        "keyVersion": "abcd1234abcd1234abcd1234abcd1234"
      }
    },
    ...
    "isMigrated": false,
    "locations": null,
    "migrationToken": null,
    "networkAcls": {
      "defaultAction": "Deny"
    },
    "privateEndpointConnections": [],
    "provisioningState": "Succeeded",
    "publicNetworkAccess": "Disabled",
    "quotaLimit": null,
    "restore": null,
    "restrictOutboundNetworkAccess": null,
    "scheduledPurgeDate": null,
    "skuChangeInfo": null,
    "userOwnedStorage": null
  },
  "resourceGroup": "cloud-shell-storage-westeurope",
  "type": "Microsoft.CognitiveServices/accounts"
}
08 If you want to grant access from an Azure virtual network (VNet), run network vnet subnet update command (Windows/macOS/Linux) to enable a service endpoint for your Azure AI Foundry on an existing virtual network (VNet) and subnet:
az network vnet subnet update --resource-group "cloud-shell-storage-westeurope" --name "tm-project5-subnet-001" --vnet-name "tm-project5-vnet" --service-endpoints "Microsoft.CognitiveServices"
09 The command output should return the service endpoint configuration information:
{
  "addressPrefixes": [
    "10.0.0.0/24"
  ],
  "delegations": [],
  "etag": "W/\"abcd1234-abcd-1234-abcd-1234abcd1234\"",
  "id": "/subscriptions/abcd1234-abcd-1234-abcd-1234abcd1234/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.Network/virtualNetworks/tm-project5-vnet/subnets/tm-project5-subnet-001",
  "name": "tm-project5-subnet-001",
  "privateEndpointNetworkPolicies": "Disabled",
  "privateLinkServiceNetworkPolicies": "Enabled",
  "provisioningState": "Succeeded",
  "resourceGroup": "cloud-shell-storage-westeurope",
  "serviceEndpoints": [
    {
      "locations": [
        "*"
      ],
      "provisioningState": "Succeeded",
      "service": "Microsoft.CognitiveServices"
    }
  ],
  "type": "Microsoft.Network/virtualNetworks/subnets"
}
10 Run cognitiveservices account network-rule add command (Windows/macOS/Linux) to add a new network rule to your Azure AI Foundry instance in order to allow access from the specified virtual network (VNet) subnet:
az cognitiveservices account network-rule add --resource-group "cloud-shell-storage-westeurope" --name "cc-project5-ai-service-instance" --subnet "/subscriptions/abcd1234-abcd-1234-abcd-1234abcd1234/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.Network/virtualNetworks/tm-project5-vnet/subnets/tm-project5-subnet-001"
11 The command output should return the information available for the configured AI Foundry instance:
{
  "id": "/subscriptions/abcdabcd-1234-abcd-1234-abcdabcdabcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.CognitiveServices/accounts/cc-project5-ai-service-instance",
  "identity": {
    "principalId": "abcd1234-abcd-1234-abcd-1234abcd1234",
    "tenantId": "abcd1234-abcd-1234-abcd-1234abcd1234",
    "type": "SystemAssigned"
  },
  "kind": "AIServices",
  "location": "westeurope",
  "name": "cc-project5-ai-service-instance",
  "properties": {
    ...
    "isMigrated": false,
    "locations": null,
    "migrationToken": null,
    "networkAcls": {
      "defaultAction": "Deny",
      "ipRules": null,
      "virtualNetworkRules": [
        {
          "id": "/subscriptions/abcd1234-abcd-1234-abcd-1234abcd1234/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.Network/virtualNetworks/tm-project5-vnet/subnets/tm-project5-subnet-001",
          "ignoreMissingVnetServiceEndpoint": true,
          "resourceGroup": "cloud-shell-storage-westeurope",
          "state": null
        }
      ]
    },
    ...
    "privateEndpointConnections": [],
    "provisioningState": "Succeeded",
    "publicNetworkAccess": "Disabled",
    "quotaLimit": null,
    "restore": null,
    "restrictOutboundNetworkAccess": null,
    "scheduledPurgeDate": null,
    "skuChangeInfo": null,
    "userOwnedStorage": null
  },
  "resourceGroup": "cloud-shell-storage-westeurope",
  "type": "Microsoft.CognitiveServices/accounts"
}
12 If you want to allow access from specific public IP addresses or IP ranges, run cognitiveservices account network-rule add command (Windows/macOS/Linux) to add a network rule for an individual IPv4 address or IPv4 address range:
az cognitiveservices account network-rule add --resource-group "cloud-shell-storage-westeurope" --name "cc-project5-ai-service-instance" --ip-address "192.168.0.1"
13 The command output should return the information available for the configured AI Foundry instance:
{
  "id": "/subscriptions/abcdabcd-1234-abcd-1234-abcdabcdabcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.CognitiveServices/accounts/cc-project5-ai-service-instance",
  "identity": {
    "principalId": "abcd1234-abcd-1234-abcd-1234abcd1234",
    "tenantId": "abcd1234-abcd-1234-abcd-1234abcd1234",
    "type": "SystemAssigned"
  },
  "kind": "AIServices",
  "location": "westeurope",
  "name": "cc-project5-ai-service-instance",
  "properties": {
    ...
    "isMigrated": false,
    "locations": null,
    "migrationToken": null,
    "networkAcls": {
      "defaultAction": "Deny",
      "ipRules": [
        {
          "value": "192.168.0.1"
        }
      ],
      "virtualNetworkRules": [
        {
          "id": "/subscriptions/abcd1234-abcd-1234-abcd-1234abcd1234/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.Network/virtualNetworks/tm-project5-vnet/subnets/tm-vnet-subnet-001",
          "ignoreMissingVnetServiceEndpoint": true,
          "resourceGroup": "cloud-shell-storage-westeurope",
          "state": null
        }
      ]
    },
    ...
    "privateEndpointConnections": [],
    "provisioningState": "Succeeded",
    "publicNetworkAccess": "Disabled",
    "quotaLimit": null,
    "restore": null,
    "restrictOutboundNetworkAccess": null,
    "scheduledPurgeDate": null,
    "skuChangeInfo": null,
    "userOwnedStorage": null
  },
  "resourceGroup": "cloud-shell-storage-westeurope",
  "type": "Microsoft.CognitiveServices/accounts"
}
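The following script is an added example (not part of the original page or of any Azure tooling) that ties the CLI audit above (step 06 of the Audit section) to the remediation in step 06 of this section: it applies the page's "Allow or null" plus "Enabled" rule to the JSON returned by az cognitiveservices account list and builds the az resource update command for every instance that fails. The account data is constructed in the page's naming style; names such as cc-project5-ai-locked-instance are assumptions, and an absent publicNetworkAccess value is assumed to mean "Enabled".

```python
import json

# Constructed sample of `az cognitiveservices account list --query '[?kind==`AIServices`]'`
# output (made-up data, not a real subscription): open, unset and locked-down instances.
SAMPLE_ACCOUNTS_JSON = """[
  {"name": "cc-project5-ai-service-instance", "kind": "AIServices",
   "id": "/subscriptions/abcdabcd-1234-abcd-1234-abcdabcdabcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.CognitiveServices/accounts/cc-project5-ai-service-instance",
   "properties": {"networkAcls": {"defaultAction": "Allow"}, "publicNetworkAccess": "Enabled"}},
  {"name": "cc-project5-ai-foundry-instance", "kind": "AIServices",
   "id": "/subscriptions/abcdabcd-1234-abcd-1234-abcdabcdabcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.CognitiveServices/accounts/cc-project5-ai-foundry-instance",
   "properties": {"networkAcls": null, "publicNetworkAccess": "Enabled"}},
  {"name": "cc-project5-ai-locked-instance", "kind": "AIServices",
   "id": "/subscriptions/abcdabcd-1234-abcd-1234-abcdabcdabcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.CognitiveServices/accounts/cc-project5-ai-locked-instance",
   "properties": {"networkAcls": {"defaultAction": "Deny"}, "publicNetworkAccess": "Disabled"}}
]"""


def public_access_open(account: dict) -> bool:
    """Page's audit rule for one account object: reachable from all networks when
    networkAcls.defaultAction is "Allow" or null/missing AND publicNetworkAccess is
    "Enabled". Assumption: a missing publicNetworkAccess counts as "Enabled"."""
    props = account.get("properties") or {}
    acls = props.get("networkAcls") or {}
    default_action = acls.get("defaultAction")
    pna = props.get("publicNetworkAccess") or "Enabled"
    return default_action in (None, "Allow") and pna == "Enabled"


def find_open_instances(accounts_json: str) -> list:
    """Return resource IDs of AI Foundry (kind AIServices) instances that fail the audit."""
    return [a["id"] for a in json.loads(accounts_json)
            if a.get("kind") == "AIServices" and public_access_open(a)]


def remediation_argv(resource_id: str) -> list:
    """Page's `az resource update` remediation as an argv list (usable with
    subprocess.run, so no shell quoting is needed): defaultAction Deny and
    publicNetworkAccess Disabled for the given instance ID."""
    return ["az", "resource", "update", "--ids", resource_id,
            "--set", "properties.networkAcls={'defaultAction':'Deny'}",
            "--set", "properties.publicNetworkAccess=Disabled"]


if __name__ == "__main__":
    for rid in find_open_instances(SAMPLE_ACCOUNTS_JSON):
        print("NON-COMPLIANT:", rid.rsplit("/", 1)[-1])
        print("  fix:", " ".join(remediation_argv(rid)))
```

Feed it real data by piping the output of az cognitiveservices account list into json.loads instead of the constructed sample; the functions work unchanged on the live objects.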