standard
turbot/azure_compliance

Trigger: Detect & correct Storage Accounts with public access enabled

Detect publicly accessible Storage Accounts and then disable public access.

Query

select
concat(
sa.id,
' [',
sa.subscription_id,
'/',
sa.resource_group,
']'
) as title,
sa.id as id,
sa.name,
sa.resource_group,
sa.subscription_id,
sa._ctx ->> 'connection_name' as conn
from
azure_storage_account as sa
where
sa.public_network_access = 'Enabled';

Schedule

15m

Tags

category = Compliance
plugin = azure
service = Azure/Storage