Policy: Azure > CIS v1 > 3 Storage > 3.03 Ensure Storage logging is enabled for Queue service for read, write, and delete requests (Not Scored)
Configures auditing against a CIS Benchmark item.
Level: 2 (Not Scored)
The Storage Queue service stores messages that may be read by any client who has access to the storage account. A queue can contain an unlimited number of messages, each of which can be up to 64KB in size using version 2011-08-18 or newer. Storage Logging happens server-side and allows details for both successful and failed requests to be recorded in the storage account. These logs allow users to see the details of read, write, and delete operations against the queues. Storage Logging log entries contain the following information about individual requests:Timing information such as start time, end-to-end latency, and server latency, authentication details , concurrency information and the sizes of the request and response messages.
Resource Types
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Controls
- Azure > CIS v1
- Azure > CIS v1 > 3 Storage > 3.03 Ensure Storage logging is enabled for Queue service for read, write, and delete requests (Not Scored)
- Azure > CIS v1 > 3 Storage
Policy Specification
Schema Type | |
|---|---|
Default | |
Valid Values [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/cis#/control/categories/v0706
- tmod:@turbot/azure-cisv1#/policy/types/r0303
- turbot graphql policy-type --id "tmod:@turbot/azure-cisv1#/policy/types/r0303"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-cisv1#/policy/types/r0303"
Get Policy TypeGet Policy Settings