AzPolicyAdvertizer

last sync: 2024-Jul-26 18:17:39 UTC

Configure your Storage account public access to be disallowed

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure your Storage account public access to be disallowed
Id 13502221-8df0-4414-9937-de9c5c4e396b
Version 1.0.0
Details on versioning
Category Storage
Microsoft Learn
Description Anonymous public read access to containers and blobs in Azure Storage is a convenient way to share data but might present security risks. To prevent data breaches caused by undesired anonymous access, Microsoft recommends preventing public access to a storage account unless your scenario requires it.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Modify
Allowed
Modify, Disabled
RBAC role(s)
Role Name Role Id
Storage Account Contributor 17d1049b-9a84-46fb-8f53-869881c3d3ab
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Storage/storageAccounts/allowBlobPublicAccess Microsoft.Storage storageAccounts properties.allowBlobPublicAccess True True
THEN-Operations (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Storage/storageAccounts/allowBlobPublicAccess Microsoft.Storage storageAccounts properties.allowBlobPublicAccess True True
Rule resource types IF (1)
Microsoft.Storage/storageAccounts
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: Control the use of Storage Accounts in a Virtual Enclave ca122c06-05f6-4423-9018-ccb523168eb2 VirtualEnclaves Preview BuiltIn
Enforce recommended guardrails for Storage Account Enforce-Guardrails-Storage Storage GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-02 16:33:37 add 13502221-8df0-4414-9937-de9c5c4e396b
JSON compare n/a
JSON
api-version=2021-06-01
EPAC