last sync: 2022-Jun-28 16:32:57 UTC

Azure Policy definition

Storage accounts should prevent shared key access

Name Storage accounts should prevent shared key access
Azure Portal
Id 8c6a50c6-9ffd-4ae7-986f-5fa6111f9a54
Version 1.0.0
details on versioning
Category Storage
Microsoft docs
Description Audit requirement of Azure Active Directory (Azure AD) to authorize requests for your storage account. By default, requests can be authorized with either Azure Active Directory credentials, or by using the account access key for Shared Key authorization. Of these two types of authorization, Azure AD provides superior security and ease of use over Shared Key, and is recommended by Microsoft.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Audit
Allowed: (Audit, Deny, Disabled)
Used RBAC Role none
Rule Aliases IF (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Storage/storageAccounts/allowSharedKeyAccess Microsoft.Storage storageAccounts properties.allowSharedKeyAccess true
Rule ResourceTypes IF (1)
Date/Time (UTC ymd) (i) Change type Change detail
2021-06-22 14:29:30 add 8c6a50c6-9ffd-4ae7-986f-5fa6111f9a54
Used in Initiatives none