standard
turbot/azure_compliance

Trigger: Detect & correct Storage Accounts with trusted Microsoft services access disabled

Detect Storage Accounts with trusted Microsoft services access disabled and then enable trusted Microsoft services.

Query

select
concat(
sa.id,
' [',
sa.resource_group,
'/',
sa.subscription_id,
']'
) as title,
sa.id as id,
sa.name,
sa.resource_group,
sa.subscription_id,
sa._ctx ->> 'connection_name' as conn
from
azure_storage_account as sa,
azure_subscription as sub
where
sub.subscription_id = sa.subscription_id
and network_rule_bypass not like '%AzureServices%';

Schedule

15m

Tags

category = Compliance
plugin = azure
service = Azure/Storage