AzPolicyAdvertizer

last sync: 2025-Oct-24 17:23:08 UTC

Configure Microsoft Defender for Storage to be enabled

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Configure Microsoft Defender for Storage to be enabled

cfdc5972-75b3-4418-8ae1-7f5c36839390

Version

1.5.0
Details on versioning

Versioning

Versions supported for Versioning: 5
1.5.0
1.4.0
1.3.0
1.2.0
1.1.0
Built-in Versioning [Preview]

Category

Security Center
Microsoft Learn

Description

Microsoft Defender for Storage is an Azure-native layer of security intelligence that detects potential threats to your storage accounts. This policy will enable all Defender for Storage capabilities; Activity Monitoring, Malware Scanning and Sensitive Data Threat Detection. To learn more about Defender for Storage capabilities and benefits, visit aka.ms/DefenderForStorage.

Cloud environments

AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown

Available in AzUSGov

Unknown, no evidence if Policy definition is/not available in AzureUSGovernment

Mode

All

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled

RBAC role(s)

Role Name	Role Id
Owner	8e3af657-a8ff-443c-a75c-2fe8c4bcb635

Rule aliases

THEN-ExistenceCondition (5)

Alias	Namespace	ResourceType	Path	PathIsDefault	Modifiable
Microsoft.Security/pricings/extensions[*]	Microsoft.Security	pricings	properties.extensions[*]	True	True
Microsoft.Security/pricings/extensions[*].isEnabled	Microsoft.Security	pricings	properties.extensions[*].isEnabled	True	True
Microsoft.Security/pricings/extensions[*].name	Microsoft.Security	pricings	properties.extensions[*].name	True	False
Microsoft.Security/pricings/pricingTier	Microsoft.Security	pricings	properties.pricingTier	True	False
Microsoft.Security/pricings/subPlan	Microsoft.Security	pricings	properties.subPlan	True	False

Rule resource types

IF (1)

Microsoft.Resources/subscriptions

THEN-Deployment (1)

Microsoft.Security/pricings

Compliance

The following 1 compliance controls are associated with this Policy definition 'Configure Microsoft Defender for Storage to be enabled' (cfdc5972-75b3-4418-8ae1-7f5c36839390)

Control Domain	Control	Name	MetadataId	Category	Title	Owner	Requirements	Description	Info	Policy#
	op.exp.6 Protection against harmful code	op.exp.6 Protection against harmful code	404 not found				n/a	n/a		61

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type	polSet in AzUSGov
[Deprecated]: Deploy Microsoft Defender for Cloud configuration	Deploy-MDFC-Config	Security Center	Deprecated	ALZ
Configure Microsoft Defender for Cloud plans	f08c57cd-dbd6-49a4-a85e-9ae77ac959b0	Security Center	GA	BuiltIn	unknown
Deploy Microsoft Defender for Cloud configuration	Deploy-MDFC-Config_20240319	Security Center	GA	ALZ
Spain ENS	175daf90-21e1-4fec-b745-7b4c909aa94c	Regulatory Compliance	GA	BuiltIn	unknown

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2025-05-06 19:40:34	change	Minor (1.4.0 > 1.5.0)
2024-07-17 18:20:29	change	Minor (1.3.0 > 1.4.0)
2024-05-13 17:44:58	change	Minor (1.2.0 > 1.3.0)
2024-04-12 17:45:57	change	Minor (1.1.0 > 1.2.0)
2023-09-01 18:00:13	change	Minor (1.0.2 > 1.1.0)
2023-07-10 18:02:26	change	Patch (1.0.1 > 1.0.2)
2023-03-31 17:44:15	add	cfdc5972-75b3-4418-8ae1-7f5c36839390

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC