last sync: 2020-Sep-30 14:32:32 UTC

Azure Policy

Deploy Advanced Threat Protection on Storage Accounts

Policy DisplayName Deploy Advanced Threat Protection on Storage Accounts
Policy Id 361c2074-3595-4e5d-8cab-4f21dffc835c
Policy Category Storage
Policy Description This policy enables Advanced Threat Protection on Storage Accounts.
Policy Mode Indexed
Policy Type BuiltIn
Policy in Preview FALSE
Policy Deprecated FALSE
Policy Effect Default: DeployIfNotExists
Allowed: (DeployIfNotExists,Disabled)
Roles used
Role Name Role Id
Security Admin fb1c8493-542b-48eb-b624-b4c8fea62acd
Policy Changes no changes
Used in Policy Initiative(s) none
Policy Rule
{
  "properties": {
    "displayName": "Deploy Advanced Threat Protection on Storage Accounts",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "This policy enables Advanced Threat Protection on Storage Accounts.",
    "metadata": {
      "version": "1.0.0",
      "category": "Storage"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "DeployIfNotExists",
          "Disabled"
        ],
        "defaultValue": "DeployIfNotExists"
      }
    },
    "policyRule": {
      "if": {
        "field": "type",
        "equals": "Microsoft.Storage/storageAccounts"
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Security/advancedThreatProtectionSettings",
          "name": "current",
          "existenceCondition": {
            "field": "Microsoft.Security/advancedThreatProtectionSettings/isEnabled",
            "equals": "true"
          },
          "roleDefinitionIds": [
            "/providers/Microsoft.Authorization/roleDefinitions/fb1c8493-542b-48eb-b624-b4c8fea62acd"
          ],
          "deployment": {
            "properties": {
              "mode": "incremental",
              "template": {
                "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
                "contentVersion": "1.0.0.0",
                "parameters": {
                  "storageAccountName": {
                    "type": "string"
                  }
                },
                "resources": [
                  {
                    "apiVersion": "2019-01-01",
                    "type": "Microsoft.Storage/storageAccounts/providers/advancedThreatProtectionSettings",
                  "name": "[concat(parameters('storageAccountName'), '/Microsoft.Security/current')]",
                    "properties": {
                      "isEnabled": true
                    }
                  }
                ]
              },
              "parameters": {
                "storageAccountName": {
                "value": "[field('name')]"
                }
              }
            }
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/361c2074-3595-4e5d-8cab-4f21dffc835c",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "361c2074-3595-4e5d-8cab-4f21dffc835c"
}