AzPolicyAdvertizer

last sync: 2023-Jun-19 17:45:01 UTC

Community Policy definition

Configure Storage Account to have Container Soft Delete enabled

Name

Configure Storage Account to have Container Soft Delete enabled
Community-Policy GitHub

6dacd5df-9686-4a04-88d8-6ec1feb4f500

Version

1.0.0
details on versioning

Category

Storage
Microsoft docs

Description

Container soft delete protects your data from being accidentally or erroneously modified or deleted. When container soft delete is enabled for a storage account, a container and its contents may be recovered after it has been deleted, within a retention period that you specify. For more details about container soft delete, see https://learn.microsoft.com/en-us/azure/storage/blobs/soft-delete-container-overview.

Mode

All

Type

Custom Community

Effect

Default
Modify
Allowed
Modify, Deny, Audit, Disabled

Used RBAC Role

Role Name	Role Id
Storage Account Contributor	17d1049b-9a84-46fb-8f53-869881c3d3ab

Rule Aliases

IF (1)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Storage/storageAccounts/blobServices/containerDeleteRetentionPolicy.enabled	Microsoft.Storage	storageAccounts/blobServices	properties.containerDeleteRetentionPolicy.enabled	true

THEN-Operations (2)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Storage/storageAccounts/blobServices/containerDeleteRetentionPolicy.days	Microsoft.Storage	storageAccounts/blobServices	properties.containerDeleteRetentionPolicy.days	true
Microsoft.Storage/storageAccounts/blobServices/containerDeleteRetentionPolicy.enabled	Microsoft.Storage	storageAccounts/blobServices	properties.containerDeleteRetentionPolicy.enabled	true

Rule ResourceTypes

IF (1)
Microsoft.Storage/storageAccounts/blobServices

JSON