azure.storage-container

Storage Container Resource

example:

Finds all containers with public access enabled

policies:
  - name: storage-container-public
    description: |
      Find all containers with public access enabled
    resource: azure.storage-container
    filters:
      - type: value
        key: properties.publicAccess
        op: not-equal
        value: None   # Possible values: Blob, Container, None

Filters

• cost

• event

• list-item

• metric

• offhour

• onhour

• parent

• policy-compliant

• reduce

• resource-lock

• value

Actions

• delete

• lock

• logic-app

• notify

• set-public-access

• webhook

set-public-access

Action that updates the access level setting on Storage Containers. Programmatically, this will be seen by updating the Public Access setting

example:

Finds all Blob Storage Containers that are not private and sets them to private

policies:
    - name: set-non-production-accounts-private
      resource: azure.storage-container
      filters:
        - type: value
          key: properties.publicAccess
          op: not-equal
          value: None
      actions:
        - type: set-public-access
          value: None

properties:
  type:
    enum:
    - set-public-access
  value:
    enum:
    - Container
    - Blob
    - None
required:
- value
- type