Turbot Guardrails Hub 
Hub
  • Mods
  • Policy Packs
  • Docs
  • Home
ModsPolicy PacksDocsHome
Mods
Azure
Loading policies...

Policy: Azure > Storage > Storage Account > Shared Key Access

Define the Shared Key Access settings required for Azure > Storage > Storage Account.

This policy determines whether Shared Key access is permitted for Azure Storage Accounts. Disabling Shared Key access ensures that only requests authorized with Microsoft Entra ID (AAD) are permitted, enhancing the security of storage account access. Enabling Shared Key access allows requests authorized with account keys or SAS tokens. When set to "Check: Disabled" or "Check: Enabled", the control will alarm if the storage account's setting does not match the policy. When set to "Enforce: Disabled" or "Enforce: Enabled", the control will automatically set the property to match the policy. Setting the policy to "Skip" will exclude the storage account from this check.

Targets

This policy targets the following resource types:

  • Azure > Storage > Storage Account

Controls

Setting this policy configures this control:

  • Azure > Storage > Storage Account > Shared Key Access

Policy Specification

Schema Type
string
Default
Skip
Valid Values [YAML]
  • Skip

  • Check: Disabled

  • Check: Enabled

  • Enforce: Disabled

  • Enforce: Enabled

Category

  • Security

In Your Workspace

  • Policy Settings by Type report

Developers

    Category URI
    • tmod:@turbot/turbot#/control/categories/security
    • Policy Type URI
    • tmod:@turbot/azure-storage#/policy/types/storageAccountSharedKeyAccess
    • GraphQL
    • query policyType(id: "tmod:@turbot/azure-storage#/policy/types/storageAccountSharedKeyAccess") { … }
    • query policySettings(filter: "policyTypeId:'tmod:@turbot/azure-storage#/policy/types/storageAccountSharedKeyAccess'") { … }
    • query policyValues(filter: "policyTypeId:'tmod:@turbot/azure-storage#/policy/types/storageAccountSharedKeyAccess'") { … }
    • CLI
    • Get Policy Type
    • turbot graphql policy-type --id "tmod:@turbot/azure-storage#/policy/types/storageAccountSharedKeyAccess"
      • Get Policy Settings
    • turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-storage#/policy/types/storageAccountSharedKeyAccess"
Guardrails
Guardrails Hub
  • Hub
  • Docs
  • Blog
  • Changelog
Products
  • GuardrailsGuardrails
  • PipesPipes
  • SteampipeSteampipe
  • PowerpipePowerpipe
  • FlowpipeFlowpipe
  • TailpipeTailpipe
Turbot
  • Home
  • About us
  • We're hiring!
  • Contact us
Community

Our community of practitioners love to discuss cloud governance & security.

Slack logoJoin us on Slack →

System StatusLegalSecurity
Terms of UseSecurityPrivacy
50
Mods
207
Resource Types
3,612
Policies
1,957
Controls
103
Quick Actions
114
IAM