last sync: 2023-Jun-01 17:45:04 UTC

Azure Policy definition

Storage accounts should prevent shared key access

Name Storage accounts should prevent shared key access
Azure Portal
Id 8c6a50c6-9ffd-4ae7-986f-5fa6111f9a54
Version 2.0.0
details on versioning
Category Storage
Microsoft docs
Description Audit requirement of Azure Active Directory (Azure AD) to authorize requests for your storage account. By default, requests can be authorized with either Azure Active Directory credentials, or by using the account access key for Shared Key authorization. Of these two types of authorization, Azure AD provides superior security and ease of use over Shared Key, and is recommended by Microsoft.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC
Role(s)
none
Rule
Aliases
IF (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Storage/storageAccounts/allowSharedKeyAccess Microsoft.Storage storageAccounts properties.allowSharedKeyAccess true
Rule
ResourceTypes
IF (1)
Microsoft.Storage/storageAccounts
Compliance Not a Compliance control
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-23 16:35:49 change Major (1.0.0 > 2.0.0)
2021-06-22 14:29:30 add 8c6a50c6-9ffd-4ae7-986f-5fa6111f9a54
Initiatives
usage
none
JSON