Turbot Guardrails Hub 
Hub
  • Mods
  • Policy Packs
  • Docs
  • Home
ModsPolicy PacksDocsHome
Policy Packs
Azure CIS v2.0.0 - Section 3 - Storage Accounts
  • Azure > Storage > Storage Account > Access Keys > Rotation Reminder
  • Azure > Storage > Storage Account > Access Keys > Rotation Reminder > Days
  • Azure > Storage > Storage Account > Approved
  • Azure > Storage > Storage Account > Approved > Infrastructure Encryption
  • Azure > Storage > Storage Account > Blob > Logging
  • Azure > Storage > Storage Account > Blob > Logging > Properties
  • Azure > Storage > Storage Account > Blob > Logging > Retention Days
  • Azure > Storage > Storage Account > Blob Public Access
  • Azure > Storage > Storage Account > Data Protection > Soft Delete
  • Azure > Storage > Storage Account > Data Protection > Soft Delete > Blobs
  • Azure > Storage > Storage Account > Data Protection > Soft Delete > Blobs > Retention Days
  • Azure > Storage > Storage Account > Data Protection > Soft Delete > Containers
  • Azure > Storage > Storage Account > Data Protection > Soft Delete > Containers > Retention Days
  • Azure > Storage > Storage Account > Encryption in Transit
  • Azure > Storage > Storage Account > Minimum TLS Version
  • Azure > Storage > Storage Account > Queue > Logging
  • Azure > Storage > Storage Account > Queue > Logging > Properties
  • Azure > Storage > Storage Account > Queue > Logging > Properties > Retention Days

Policy Settings

The Azure CIS v2.0.0 - Section 3 - Storage Accounts policy pack has 18 policy settings:

PolicySettingNote
Azure > Storage > Storage Account > Access Keys > Rotation ReminderCheck: Enabled per Rotation Reminder > DaysAzure CIS v2.0.0 - Control: 3.3
Azure > Storage > Storage Account > Access Keys > Rotation Reminder > Days90Azure CIS v2.0.0 - Control: 3.3
Azure > Storage > Storage Account > ApprovedCheck: ApprovedAzure CIS v2.0.0 - Control: 3.2
Azure > Storage > Storage Account > Approved > Infrastructure EncryptionApproved if enabledAzure CIS v2.0.0 - Control: 3.2
Azure > Storage > Storage Account > Blob > LoggingCheck: Per `Logging > *`Azure CIS v2.0.0 - Control: 3.13
Azure > Storage > Storage Account > Blob > Logging > Properties- "Read" - "Write" - "Delete" Azure CIS v2.0.0 - Control: 3.13
Azure > Storage > Storage Account > Blob > Logging > Retention Days7Azure CIS v2.0.0 - Control: 3.13
Azure > Storage > Storage Account > Blob Public AccessCheck: DisabledAzure CIS v2.0.0 - Control: 3.7
Azure > Storage > Storage Account > Data Protection > Soft DeleteCheck: Configured per Soft Delete > * policiesAzure CIS v2.0.0 - Control: 3.11
Azure > Storage > Storage Account > Data Protection > Soft Delete > BlobsEnabledAzure CIS v2.0.0 - Control: 3.11
Azure > Storage > Storage Account > Data Protection > Soft Delete > Blobs > Retention Days7Azure CIS v2.0.0 - Control: 3.11
Azure > Storage > Storage Account > Data Protection > Soft Delete > ContainersEnabledAzure CIS v2.0.0 - Control: 3.11
Azure > Storage > Storage Account > Data Protection > Soft Delete > Containers > Retention Days7Azure CIS v2.0.0 - Control: 3.11
Azure > Storage > Storage Account > Encryption in TransitCheck: EnabledAzure CIS v2.0.0 - Control: 3.1
Azure > Storage > Storage Account > Minimum TLS VersionCheck: TLS 1.2Azure CIS v2.0.0 - Control: 3.15
Azure > Storage > Storage Account > Queue > LoggingCheck: Per Logging > PropertiesAzure CIS v2.0.0 - Control: 3.5
Azure > Storage > Storage Account > Queue > Logging > Properties- "Read" - "Write" - "Delete" Azure CIS v2.0.0 - Control: 3.5
Azure > Storage > Storage Account > Queue > Logging > Properties > Retention Days7Azure CIS v2.0.0 - Control: 3.5
Guardrails
Guardrails Hub
  • Hub
  • Docs
  • Blog
  • Changelog
Products
  • GuardrailsGuardrails
  • PipesPipes
  • SteampipeSteampipe
  • PowerpipePowerpipe
  • FlowpipeFlowpipe
  • TailpipeTailpipe
Turbot
  • Home
  • About us
  • We're hiring!
  • Contact us
Community

Our community of practitioners love to discuss cloud governance & security.

Slack logoJoin us on Slack →

System StatusLegalSecurity
Terms of UseSecurityPrivacy