Control: Storage accounts should restrict public network access
Description
Azure Storage accounts should be configured to restrict public network access through virtual network rules.
Usage
Run the control in your terminal:
powerpipe control run azure_perimeter.control.storage_account_restrict_public_network_access
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_perimeter.control.storage_account_restrict_public_network_access --share
Steampipe Tables
SQL
select sa.id as resource, case when public_network_access = 'Disabled' then 'ok' else 'alarm' end as status, case when public_network_access = 'Disabled' then sa.name || ' has public network access disabled.' else sa.name || ' has public network access enabled.' end as reason , sa.resource_group as resource_group , sub.display_name as subscriptionfrom azure_storage_account sa, azure_subscription subwhere sub.subscription_id = sa.subscription_id;