last sync: 2025-Mar-14 18:30:15 UTC

Configure storage accounts to disable public network access

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure storage accounts to disable public network access
Id a06d0189-92e8-4dba-b0c4-08d7669fce7d
Version 1.0.1
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.1
Built-in Versioning [Preview]
Category Storage
Microsoft Learn
Description To improve the security of Storage Accounts, ensure that they aren't exposed to the public internet and can only be accessed from a private endpoint. Disable the public network access property as described in https://aka.ms/storageaccountpublicnetworkaccess. This option disables access from any public address space outside the Azure IP range, and denies all logins that match IP or virtual network-based firewall rules. This reduces data leakage risks.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Modify
Allowed
Modify, Disabled
RBAC role(s)
Role Name Role Id
Storage Account Contributor 17d1049b-9a84-46fb-8f53-869881c3d3ab
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Storage/storageAccounts/publicNetworkAccess Microsoft.Storage storageAccounts properties.publicNetworkAccess True True
THEN-Operations (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Storage/storageAccounts/publicNetworkAccess Microsoft.Storage storageAccounts properties.publicNetworkAccess True True
Rule resource types IF (1)
Microsoft.Storage/storageAccounts
Compliance
The following 1 compliance controls are associated with this Policy definition 'Configure storage accounts to disable public network access' (a06d0189-92e8-4dba-b0c4-08d7669fce7d)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
mp.com.1 Secure perimeter mp.com.1 Secure perimeter 404 not found n/a n/a 49
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
Enforce recommended guardrails for Storage Account Enforce-Guardrails-Storage Storage GA ALZ
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn unknown
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-06-10 16:31:21 change Patch (1.0.0 > 1.0.1)
2022-05-27 20:20:35 add a06d0189-92e8-4dba-b0c4-08d7669fce7d
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC