AzPolicyAdvertizer

last sync: 2022-May-24 16:30:29 UTC

Azure Policy definition

[Preview]: Storage account public access should be disallowed

Name

[Preview]: Storage account public access should be disallowed
Azure Portal

4fa4b6c0-31ca-4c0d-b10d-24b96f62a751

Version

3.1.0-preview
details on versioning

Category

Storage
Microsoft docs

Description

Anonymous public read access to containers and blobs in Azure Storage is a convenient way to share data but might present security risks. To prevent data breaches caused by undesired anonymous access, Microsoft recommends preventing public access to a storage account unless your scenario requires it.

Mode

Indexed

Type

BuiltIn

Preview

True

Deprecated

FALSE

Effect

Default: Audit
Allowed: (audit, Audit, deny, Deny, disabled, Disabled)

Used RBAC Role

none

Rule Aliases

IF (1)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Storage/storageAccounts/allowBlobPublicAccess	Microsoft.Storage	storageAccounts	properties.allowBlobPublicAccess	true

Rule ResourceTypes

IF (1)
Microsoft.Storage/storageAccounts

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2022-04-01 20:29:14	change	Minor, suffix remains equal (3.0.1-preview > 3.1.0-preview)
2021-08-30 14:27:30	change	Major, suffix remains equal (2.0.1-preview > 3.0.1-preview)
2020-12-11 15:42:52	change	Patch, suffix remains equal (2.0.0-preview > 2.0.1-preview)
2020-11-10 16:00:42	change	Major, suffix remains equal (1.0.1-preview > 2.0.0-preview)
2020-08-27 15:39:26	add	4fa4b6c0-31ca-4c0d-b10d-24b96f62a751

Used in Initiatives

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Deprecated]: Azure Security Benchmark v2	bb522ac1-bc39-4957-b194-429bcd3bcb0b	Regulatory Compliance	Deprecated	BuiltIn
Azure Security Benchmark	1f3afdf9-d0c9-4c3d-847f-89da613e70a8	Security Center	GA	BuiltIn
CIS Microsoft Azure Foundations Benchmark v1.1.0	1a5bb27d-173f-493e-9568-eb56638dde4d	Regulatory Compliance	GA	BuiltIn
CIS Microsoft Azure Foundations Benchmark v1.3.0	612b5213-9160-4969-8578-1518bd2a000c	Regulatory Compliance	GA	BuiltIn
CMMC Level 3	b5629c75-5c77-4422-87b9-2509e680f8de	Regulatory Compliance	GA	BuiltIn
FedRAMP High	d5264498-16f4-418a-b659-fa7ef418175f	Regulatory Compliance	GA	BuiltIn
FedRAMP Moderate	e95f5a9f-57ad-4d03-bb0b-b1d16db93693	Regulatory Compliance	GA	BuiltIn
NIST SP 800-171 Rev. 2	03055927-78bd-4236-86c0-f36125a10dc9	Regulatory Compliance	GA	BuiltIn
NIST SP 800-53 Rev. 4	cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f	Regulatory Compliance	GA	BuiltIn
NIST SP 800-53 Rev. 5	179d1daa-458f-4e47-8086-2a68d0d6c38f	Regulatory Compliance	GA	BuiltIn

JSON Changes

Visual JSON JSON (Annotated)

Show unchanged values

JSON

AzPolicyAdvertizer

Azure Policy definition

[Preview]: Storage account public access should be disallowed

JSON Left

JSON Right