turbot/azure_compliance

Query: application_insights_block_log_ingestion_and_querying_from_public

Usage

powerpipe query azure_compliance.query.application_insights_block_log_ingestion_and_querying_from_public

SQL

select
a.id as resource,
case
when type = 'microsoft.insights/components' and public_network_access_for_ingestion = 'Enabled' and public_network_access_for_query = 'Enabled' then 'ok'
else 'alarm'
end as status,
case
when type = 'microsoft.insights/components' and public_network_access_for_ingestion = 'Enabled' and public_network_access_for_query = 'Enabled' then a.name || ' allows log ingestion and querying from public network.'
else a.name || ' does not allow log ingestion and querying from public network.'
end as reason
, a.resource_group as resource_group
, sub.display_name as subscription
from
azure_application_insight as a
left join azure_subscription sub on sub.subscription_id = a.subscription_id;

Controls

The query is being used by the following controls: