| Name | Storage accounts should prevent shared key access Azure Portal |
||||||||||
| Id | 8c6a50c6-9ffd-4ae7-986f-5fa6111f9a54 | ||||||||||
| Version | 2.0.0 details on versioning |
||||||||||
| Category | Storage Microsoft docs |
||||||||||
| Description | Audit requirement of Azure Active Directory (Azure AD) to authorize requests for your storage account. By default, requests can be authorized with either Azure Active Directory credentials, or by using the account access key for Shared Key authorization. Of these two types of authorization, Azure AD provides superior security and ease of use over Shared Key, and is recommended by Microsoft. | ||||||||||
| Mode | Indexed | ||||||||||
| Type | BuiltIn | ||||||||||
| Preview | FALSE | ||||||||||
| Deprecated | FALSE | ||||||||||
| Effect | Default Audit Allowed Audit, Deny, Disabled |
||||||||||
| RBAC Role(s) |
none | ||||||||||
| Rule Aliases |
IF (1)
|
||||||||||
| Rule ResourceTypes |
IF (1) Microsoft.Storage/storageAccounts |
||||||||||
| Compliance | Not a Compliance control | ||||||||||
| History |
|
||||||||||
| Initiatives usage |
none | ||||||||||
| JSON |
|