standard
turbot/azure_compliance

Trigger: Detect & correct Key Vaults with RBAC disabled

Detect Key Vaults with RBAC disabled.

Query

select
concat(
v.id,
' [',
v.subscription_id,
'/',
v.resource_group,
']'
) as title,
v.id as id,
v.name,
v.resource_group,
v.subscription_id,
v._ctx ->> 'connection_name' as conn
from
azure_key_vault as v
where
not enable_rbac_authorization;

Schedule

15m

Tags

category = Compliance
plugin = azure
service = Azure/KeyVault