Storage

Filters

  • Standard Value Filter (see Generic Filters)
  • ARM Resource Filters (see Generic Filters)
    • Metric Filter - Filter on metrics from Azure Monitor - (see Storage Account Supported Metrics)

    • Tag Filter - Filter on tag presence and/or values

    • Marked-For-Op Filter - Filter on tag that indicates a scheduled operation for a resource

  • firewall-rules Firewall Rules Filter

    Filter based on firewall rules. Rules can be specified as x.x.x.x-y.y.y.y or x.x.x.x or x.x.x.x/y.

    • include: the list of IP ranges or CIDR that firewall rules must include. The list must be a subset of the exact rules as is, the ranges will not be combined.

    • equal: the list of IP ranges or CIDR that firewall rules must match exactly.

    oneOf:
    - required:
      - type
      - include
    - required:
      - type
      - any
    - required:
      - type
      - only
    - required:
      - type
      - equal
    properties:
      any:
        items:
          type: string
        type: array
      equal:
        items:
          type: string
        type: array
      include:
        items:
          type: string
        type: array
      only:
        items:
          type: string
        type: array
      type:
        enum:
        - firewall-rules
    

Actions

  • ARM Resource Actions (see Generic Actions)

  • set-network-rules Set network (firewall) rules.
    • default-action: Required. Can be either Allow or Deny.

    • bypass: Optional. List of services that are allowed to bypass the rules. Any combination of AzureServices,

      Logging and Metrics, e.g. [Logging, Metrics]. If not specified the property is not changed.

    • ip-rules: Optional. List of allowed ip-s or addresses. Specify empty list [] to remove all items. - ip-address-or-range: Ip address or range that is allowed.

    • virtual-network-rules: Optional. List of allowed virtual networks. Specify empty list [] to remove all items. - virtual-network-resource-id: Azure id of a subnet of a virtual network.

    properties:
      bypass:
        items:
          enum:
          - AzureServices
          - Logging
          - Metrics
        type: array
      default-action:
        enum:
        - Allow
        - Deny
      ip-rules:
        items:
          ip-address-or-range:
            type: string
        type: array
      type:
        enum:
        - set-network-rules
      virtual-network-rules:
        items:
          virtual-network-resource-id:
            type: string
        type: array
    required:
    - default-action
    - type