| Source | Azure Portal | ||||||||||||||
| Display name | Storage accounts should prevent shared key access (excluding storage accounts created by Databricks) | ||||||||||||||
| Id | fd9903f1-38c2-4d36-8e44-5c1c20c561e8 | ||||||||||||||
| Version | 1.0.0 Details on versioning |
||||||||||||||
| Versioning |
Versions supported for Versioning: 1 1.0.0 Built-in Versioning [Preview] |
||||||||||||||
| Category | Storage Microsoft Learn |
||||||||||||||
| Description | Audit requirement of Azure Active Directory (Azure AD) to authorize requests for your storage account. By default, requests can be authorized with either Azure Active Directory credentials, or by using the account access key for Shared Key authorization. Of these two types of authorization, Azure AD provides superior security and ease of use over Shared Key, and is recommended by Microsoft. | ||||||||||||||
| Cloud environments | AzureCloud = true AzureUSGovernment = unknown AzureChinaCloud = unknown |
||||||||||||||
| Available in AzUSGov | Unknown, no evidence if Policy definition is/not available in AzureUSGovernment | ||||||||||||||
| Mode | Indexed | ||||||||||||||
| Type | BuiltIn | ||||||||||||||
| Preview | False | ||||||||||||||
| Deprecated | False | ||||||||||||||
| Effect | Default Audit Allowed Audit, Deny, Disabled |
||||||||||||||
| RBAC role(s) | none | ||||||||||||||
| Rule aliases | IF (1)
|
||||||||||||||
| Rule resource types | IF (1) |
||||||||||||||
| Compliance | Not a Compliance control | ||||||||||||||
| Initiatives usage | none | ||||||||||||||
| History |
|
||||||||||||||
| JSON compare | n/a | ||||||||||||||
| JSON |
|