Azure and GCP Perimeter Security, CIS Updates, and Enhanced Plugins →
Powerpipe Hub 
Hub
Mods
turbot/steampipe-mod-azure-compliance
Overview
16Dashboards
1651Benchmarks
486Queries
8Variables
GitHub

Query: storage_account_container_soft_delete_enabled

Usage

powerpipe query azure_compliance.query.storage_account_container_soft_delete_enabled

Steampipe Tables

azure_storage_account
azure_subscription
Azure plugin

SQL

select
  sa.id as resource,
  case
    when
      blob_container_soft_delete_enabled
      and blob_container_soft_delete_retention_days between 7 and 365 then 'ok'
    else 'alarm'
  end as status,
  case
    when
      blob_container_soft_delete_enabled
      and blob_container_soft_delete_retention_days between 7 and 365 then
      sa.name || ' container soft delete is enabled with retention days: ' || blob_container_soft_delete_retention_days || '.'
    when
      (not blob_container_soft_delete_enabled or blob_container_soft_delete_enabled is null) then
      sa.name || ' container soft delete is disabled.'
    when
      blob_container_soft_delete_retention_days < 7 or blob_container_soft_delete_retention_days > 365 then
      sa.name || ' container soft delete retention days (' || blob_container_soft_delete_retention_days::text || ') is not between 7 and 365 days.'
  end as reason
  
  , sa.resource_group as resource_group
  , sub.display_name as subscription
from
  azure_storage_account sa
  left join azure_subscription sub on sub.subscription_id = sa.subscription_id;

Controls

The query is being used by the following controls: