azure.storage-container

Storage Container Resource

example

Finds all containers with public access enabled

policies:
  - name: storage-container-public
    description: |
      Find all containers with public access enabled
    resource: azure.storage-container
    filters:
      - type: value
        key: properties.publicAccess
        op: not-equal
        value: None   # Possible values: Blob, Container, None

Filters

• cost

• event

• metric

• offhour

• onhour

• parent

• policy-compliant

• reduce

• resource-lock

• value

Actions

• delete

• lock

• logic-app

• notify

• set-public-access

• webhook

set-public-access

Action that updates the access level setting on Storage Containers. Programmatically, this will be seen by updating the Public Access setting

example

Finds all Blob Storage Containers that are not private and sets them to private

policies:
    - name: set-non-production-accounts-private
      resource: azure.storage-container
      filters:
        - type: value
          key: properties.publicAccess
          op: not-equal
          value: None
      actions:
        - type: set-public-access
          value: None

properties:
  type:
    enum:
    - set-public-access
  value:
    enum:
    - Container
    - Blob
    - None
required:
- value
- type