Control: Storage account logging (Classic Diagnostic Setting) for blobs should be enabled
Description
Storage Logging records details of requests (read, write, and delete operations) against your Azure blobs. This policy identifies Azure storage accounts that do not have logging enabled for blobs. As a best practice, enable logging for read, write, and delete request types on blobs.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.storage_account_blobs_logging_enabled
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.storage_account_blobs_logging_enabled --share
SQL
This control uses a named query:
storage_account_blobs_logging_enabled