azure.keyvault-storage¶
Key Vault Managed Storage Account Resource
- example
List all Key Vault managed Storage Accounts
policies:
- name: keyvault-storage
resource: azure.keyvault-storage
Actions¶
regenerate-key¶
Regenerate Managed Storage Access Key
- example
Regenerate all Access Keys older than 30 days.
policies:
- name: azure-managed-storage-regenerate-key
resource: azure.keyvault-storage
filters:
- type: value
key: attributes.updated
op: gt
value_type: age
value: 30
actions:
- type: regenerate-key
properties:
type:
enum:
- regenerate-key
required:
- type
update¶
Update Key Vault Managed Storage Account properties.
- example
Ensure all keys have auto regenerate enabled with 30 days rotation policy.
policies:
- name: azure-managed-storage-update
resource: azure.keyvault-storage
filters:
- or:
- type: auto-regenerate-key
value: false
- type: regeneration-period
op: ne
value: P30D
actions:
- type: update
auto-regenerate-key: true
regeneration-period: P30D
properties:
active-key-name:
type: string
auto-regenerate-key:
type: boolean
regeneration-period:
type: string
type:
enum:
- update
required:
- type