Control: Soft delete for Azure File Shares should be enabled
Description
Enable soft delete for Azure File Shares to allow recovery of data that is mistakenly deleted by an application or user.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.storage_account_file_share_soft_delete_enabled
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.storage_account_file_share_soft_delete_enabled --share
SQL
This control uses a named query:
with storage_account_with_file_share as ( select distinct storage_account_name, subscription_id, resource_group from azure_storage_share_file)select sa.id as resource, case when fs.storage_account_name is null then 'skip' when file_soft_delete_enabled and file_soft_delete_retention_days between 1 and 365 then 'ok' else 'alarm' end as status, case when fs.storage_account_name is null then name || ' does not have file share.' when not file_soft_delete_enabled then name || ' file share soft delete disabled.' when file_soft_delete_retention_days < 1 or file_soft_delete_retention_days > 365 then name || ' file share soft delete retention days (' || file_soft_delete_retention_days || ') not between 1 and 365.' else name || ' file share soft delete enabled with ' || file_soft_delete_retention_days || ' days retention.' end as reason , sa.resource_group as resource_group , sub.display_name as subscriptionfrom azure_storage_account sa left join storage_account_with_file_share as fs on sa.name = fs.storage_account_name and sa.subscription_id = fs.subscription_id and sa.resource_group = fs.resource_group left join azure_subscription sub on sub.subscription_id = sa.subscription_id;