Jan 19, 2022

Deny Azure Storage Accounts Not Using HTTPS

0
0
{{ }} Substitute variables

Adjust the variable values according to your preference.

Policy Code

1{
2    "properties": {
3        "displayName": "Deny storage accounts not using only HTTPS",
4        "description": "Deny storage accounts not using only HTTPS. Checks the supportsHttpsTrafficOnly property on StorageAccounts.",
5        "mode": "all",
6        "parameters": {
7            "effectType": {
8                "type": "string",
9                "defaultValue": "Deny",
10                "allowedValues": [
11                    "Deny",
12                    "Disabled"
13                ],
14                "metadata": {
15                    "displayName": "Effect",
16                    "description": "Enable or disable the execution of the policy"
17                }
18            }
19        },
20        "policyRule": {
21            "if": {
22                "allOf": [
23                    {
24                        "field": "type",
25                        "equals": "Microsoft.Storage/storageAccounts"
26                    },
27                    {
28                        "field": "Microsoft.Storage/storageAccounts/supportsHttpsTrafficOnly",
29                        "notEquals": "true"
30                    }
31                ]
32            },
33            "then": {
34                "effect": "[parameters('effectType')]"
35            }
36        }
37    }
38}

Get the IAM Pulse Check Newsletter

We send out a periodic newsletter full of tips & tricks, contributions from the community, commentary on the industry, relevant social posts, and more.

Checkout past issues for a sampling of the goods.