Control: Azure > CIS v2.0 > 03 - Storage Accounts > 3.08 - Ensure Default Network Access Rule for Storage Accounts is Set to Deny

Configures auditing against a CIS Benchmark item.

Level: 1

Restricting default network access helps to provide a new layer of security, since storage accounts accept connections from clients on any network. To limit access to selected networks, the default action must be changed.

Resource Types

This control targets the following resource types:

Azure > Storage > Storage Account

Primary Policies

The following policies can be used to configure this control:

3.08 - Ensure Default Network Access Rule for Storage Accounts is Set to Deny

In Your Workspace

Developers

Control Type URI

tmod:@turbot/azure-cisv2-0#/control/types/r0308

Category URI

tmod:@turbot/cis#/control/categories/v071303

GraphQL

query controlType(id: "tmod:@turbot/azure-cisv2-0#/control/types/r0308") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/azure-cisv2-0#/control/types/r0308'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv2-0#/control/types/r0308"