Policy: Azure > CIS v4.0 > 10 - Storage Services > 10.03 - Storage Accounts > 10.03.02 - Networking

This subsection covers security recommendations for configuring network access to storage accounts. These recommendations focus on using private endpoints, disabling public network access, and setting default network access rules to deny.

Primary Policy

This policy is used with the following primary policy:

Azure > CIS v4.0 > 10 - Storage Services > 10.03 - Storage Accounts

Policy Specification

Schema Type	`string`
Default	`Per Azure > CIS v4.0 > 10 - Storage Services > 10.03 - Storage Accounts`
Valid Values [YAML]	`Per Azure > CIS v4.0 > 10 - Storage Services > 10.03 - Storage Accounts` `Skip` `Check: All CIS Benchmarks except attestations` `Check: All CIS Benchmarks`

Schema Type

string

Default

Per Azure > CIS v4.0 > 10 - Storage Services > 10.03 - Storage Accounts

Valid Values [YAML]

Per Azure > CIS v4.0 > 10 - Storage Services > 10.03 - Storage Accounts

Skip

Check: All CIS Benchmarks except attestations

Check: All CIS Benchmarks

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/cis#/control/categories/cis

Policy Type URI

tmod:@turbot/azure-cisv4-0#/policy/types/s100302

GraphQL

query policyType(id: "tmod:@turbot/azure-cisv4-0#/policy/types/s100302") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/azure-cisv4-0#/policy/types/s100302'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/azure-cisv4-0#/policy/types/s100302'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/azure-cisv4-0#/policy/types/s100302"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-cisv4-0#/policy/types/s100302"

Policy: Azure > CIS v4.0 > 10 - Storage Services > 10.03 - Storage Accounts > 10.03.02 - Networking

Primary Policy

Related Policies

Policy Specification

Category

In Your Workspace

Developers