turbot/azure_compliance

Control: Storage account logging (Classic Diagnostic Setting) for blobs should be enabled

Description

Storage Logging records details of requests (read, write, and delete operations) against your Azure blobs. This policy identifies Azure storage accounts that do not have logging enabled for blobs. As a best practice, enable logging for read, write, and delete request types on blobs.

Usage

Run the control in your terminal:

powerpipe control run azure_compliance.control.storage_account_blobs_logging_enabled

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run azure_compliance.control.storage_account_blobs_logging_enabled --share

SQL

This control uses a named query:

storage_account_blobs_logging_enabled

Tags