| Source | Azure Portal | ||||||||||||||
| Display name | Storage accounts should have shared access signature (SAS) policies configured | ||||||||||||||
| Id | bc1b984e-ddae-40cc-801a-050a030e4fbe | ||||||||||||||
| Version | 1.0.0 Details on versioning |
||||||||||||||
| Versioning |
Versions supported for Versioning: 1 1.0.0 Built-in Versioning [Preview] |
||||||||||||||
| Category | Storage Microsoft Learn |
||||||||||||||
| Description | Ensure storage accounts have shared access signature (SAS) expiration policy enabled. Users use a SAS to delegate access to resources in Azure Storage account. And SAS expiration policy recommend upper expiration limit when a user creates a SAS token. | ||||||||||||||
| Mode | Indexed | ||||||||||||||
| Type | BuiltIn | ||||||||||||||
| Preview | False | ||||||||||||||
| Deprecated | False | ||||||||||||||
| Effect | Default Audit Allowed Audit, Deny, Disabled |
||||||||||||||
| RBAC role(s) | none | ||||||||||||||
| Rule aliases | IF (1)
|
||||||||||||||
| Rule resource types | IF (1) Microsoft.Storage/storageAccounts |
||||||||||||||
| Compliance | Not a Compliance control | ||||||||||||||
| Initiatives usage | none | ||||||||||||||
| History |
|
||||||||||||||
| JSON compare | n/a | ||||||||||||||
| JSON |
|