Storage - Monitor newly created Containers for public access

Deploy an Azure Function to monitor real-time Blob Storage Container events.

- Filters incoming container events on the publicAccess property.
- Provides a way to act quickly on any changes to existing containers or creation of new containers.
- Add your own actions to notify or mitigate as needed.

policies:
  - name: storage_container_public_access_event
    description: 'Identify containers with public access'
    mode:
      type: azure-event-grid
      events:
        - StorageContainerWrite
      provision-options:
        identity:
          type: UserAssigned
          id: custodian_identity
      execution-options:
        output_dir: azure://<storage_account>.blob.core.windows.net/custodian
    resource: azure.storage-container
    filters:
      - type: value
        key: properties.publicAccess
        op: not-equal
        value: None   # Possible values: Blob, Container, None
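To make the filter semantics concrete, here is an added Python re-implementation (not Cloud Custodian's own code) of the dotted-key lookup and `not-equal` comparison the policy above relies on, run over constructed container records shaped like `azure.storage-container` output; the function names and sample data are assumptions.

```python
# Added illustration, not Cloud Custodian code: a minimal model of how the
# `value` filter with `op: not-equal` selects containers. Note that `value: None`
# in the YAML is the string "None" (YAML nulls are `null` / `~`), which is what
# Azure's publicAccess enum serializes to when a container is private.
from typing import Any

POLICY_FILTER = {"key": "properties.publicAccess", "op": "not-equal", "value": "None"}

OPS = {
    "equal": lambda actual, expected: actual == expected,
    "not-equal": lambda actual, expected: actual != expected,
    "in": lambda actual, expected: actual in expected,
}


def lookup(resource: dict, dotted_key: str) -> Any:
    """Resolve a dotted key such as properties.publicAccess; missing -> None."""
    node: Any = resource
    for part in dotted_key.split("."):
        if not isinstance(node, dict) or part not in node:
            return None
        node = node[part]
    return node


def matches(resource: dict, flt: dict) -> bool:
    """Apply one value-filter clause to one resource record."""
    return OPS[flt["op"]](lookup(resource, flt["key"]), flt["value"])


def find_public_containers(resources: list[dict], flt: dict = POLICY_FILTER) -> list[str]:
    """Names of containers the policy filter would select for action."""
    return [r["name"] for r in resources if matches(r, flt)]


# Constructed sample records (assumed shape); publicAccess mirrors the Azure
# enum values Blob / Container / None.
SAMPLE_CONTAINERS = [
    {"name": "private-logs", "properties": {"publicAccess": "None"}},
    {"name": "web-assets", "properties": {"publicAccess": "Blob"}},
    {"name": "open-bucket", "properties": {"publicAccess": "Container"}},
]

if __name__ == "__main__":
    print(find_public_containers(SAMPLE_CONTAINERS))  # → ['web-assets', 'open-bucket']
```

A record that lacks the property also matches in this model, because the lookup yields a Python `None` rather than the string `"None"`; that errs on the side of flagging, which is the safer direction for a public-access check.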