AzPolicyAdvertizer

last sync: 2023-Jun-19 17:45:01 UTC

Community Policy definition

Audit - Azure Storage Blobs and Containers should have Soft Delete enabled

Name Audit - Azure Storage Blobs and Containers should have Soft Delete enabled
Community-Policy GitHub
Id storage_audit-soft-delete-for-blob-services
Version 1.0.0-preview
details on versioning
Category Storage
Microsoft docs
Description Protect your Storage Blobs or Containers from accidental or malicious deletions by enabling Soft Delete: https://docs.microsoft.com/azure/storage/blobs/soft-delete-container-overview?tabs=powershell
Mode Indexed
Type Custom Community
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
Used RBAC Role none
Rule Aliases THEN-ExistenceCondition (4)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Storage/storageAccounts/blobServices/default.containerDeleteRetentionPolicy.days Microsoft.Storage storageAccounts/blobServices properties.containerDeleteRetentionPolicy.days true
Microsoft.Storage/storageAccounts/blobServices/default.containerDeleteRetentionPolicy.enabled Microsoft.Storage storageAccounts/blobServices properties.containerDeleteRetentionPolicy.enabled true
Microsoft.Storage/storageAccounts/blobServices/default.deleteRetentionPolicy.days Microsoft.Storage storageAccounts/blobServices properties.deleteRetentionPolicy.days true
Microsoft.Storage/storageAccounts/blobServices/default.deleteRetentionPolicy.enabled Microsoft.Storage storageAccounts/blobServices properties.deleteRetentionPolicy.enabled true
Rule ResourceTypes IF (1)
Microsoft.Storage/storageAccounts
JSON