AzPolicyAdvertizer

last sync: 2023-Jun-19 17:45:01 UTC

Community Policy definition

Audit - Azure Files should have Soft Delete enabled

Name

Audit - Azure Files should have Soft Delete enabled
Community-Policy GitHub

storage_audit-soft-delete-for-file-services

Version

1.0.0-preview
details on versioning

Category

Storage
Microsoft docs

Description

Protect your File Shares from accidental or malicious deletions by enabling Soft Delete: https://docs.microsoft.com/azure/storage/files/storage-files-prevent-file-share-deletion

Mode

Indexed

Type

Custom Community

Effect

Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled

Used RBAC Role

none

Rule Aliases

THEN-ExistenceCondition (2)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Storage/storageAccounts/fileServices/default.shareDeleteRetentionPolicy.days	Microsoft.Storage	storageAccounts/fileServices	properties.shareDeleteRetentionPolicy.days	false
Microsoft.Storage/storageAccounts/fileServices/default.shareDeleteRetentionPolicy.enabled	Microsoft.Storage	storageAccounts/fileServices	properties.shareDeleteRetentionPolicy.enabled	false

Rule ResourceTypes

IF (1)
Microsoft.Storage/storageAccounts

JSON