standard
turbot/azure_compliance

Trigger: Detect & correct Storage Accounts with default network access rule set to Allow

Detects Storage Accounts whose default network access rule is set to Allow and runs your chosen action.

Query

select
  -- Human-readable title: account id plus its resource group and subscription
  concat(
    sa.id,
    ' [',
    sa.resource_group,
    '/',
    sa.subscription_id,
    ']'
  ) as title,
  sa.id as id,
  sa.name,
  sa.resource_group,
  sa.subscription_id,
  sa._ctx ->> 'connection_name' as conn
from
  azure_storage_account as sa,
  azure_subscription as sub
where
  -- Default action 'Allow' admits traffic from all networks
  sa.network_rule_default_action = 'Allow'
  and sub.subscription_id = sa.subscription_id;

Schedule

15m

Tags

category = Compliance
plugin = azure
service = Azure/Storage