Policy: Azure > Storage > Storage Account > Shared Key Access
Define the Shared Key Access settings required for Azure > Storage > Storage Account.
This policy determines whether Shared Key access is permitted for Azure Storage Accounts. Disabling Shared Key access ensures that only requests authorized with Microsoft Entra ID (AAD) are permitted, enhancing the security of storage account access. Enabling Shared Key access allows requests authorized with account keys or SAS tokens. When set to "Check: Disabled" or "Check: Enabled", the control will alarm if the storage account's setting does not match the policy. When set to "Enforce: Disabled" or "Enforce: Enabled", the control will automatically set the property to match the policy. Setting the policy to "Skip" will exclude the storage account from this check.
Targets
This policy targets the following resource types:
Controls
Setting this policy configures this control:
Policy Specification
Schema Type | |
|---|---|
Default | |
Valid Values [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/turbot#/control/categories/security
- tmod:@turbot/azure-storage#/policy/types/storageAccountSharedKeyAccess
- turbot graphql policy-type --id "tmod:@turbot/azure-storage#/policy/types/storageAccountSharedKeyAccess"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-storage#/policy/types/storageAccountSharedKeyAccess"
Get Policy TypeGet Policy Settings