Control: Recovery Services vaults should use managed identity

Description

Recovery Services vaults should use a managed identity for enhanced authentication security.

Usage

Run the control in your terminal:

powerpipe control run azure_compliance.control.recovery_service_vault_uses_managed_identity

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run azure_compliance.control.recovery_service_vault_uses_managed_identity --share

SQL

This control uses a named query:

select
  s.id as resource,
  case
    when identity is null or identity ->> 'type' = 'None' then 'alarm'
    else 'ok'
  end as status,
  case
    when identity is null or identity ->> 'type' = 'None' then name || ' not uses managed identity.'
    else name || ' uses managed identity.'
  end as reason
  
  , s.resource_group as resource_group
  , sub.display_name as subscription
from
  azure_recovery_services_vault as s,
  azure_subscription as sub
where
  sub.subscription_id = s.subscription_id;

Control: Recovery Services vaults should use managed identity

Description

Usage

SQL

Tags