Control: Storage accounts should be migrated to new Azure Resource Manager resources
Description
Use new Azure Resource Manager for your storage accounts to provide security enhancements such as: stronger access control (RBAC), better auditing, Azure Resource Manager based deployment and governance, access to managed identities, access to key vault for secrets, Azure AD-based authentication and support for tags and resource groups for easier security management.
Usage
Run the control in your terminal:
powerpipe control run terraform_azure_compliance.control.storage_account_uses_azure_resource_managerSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run terraform_azure_compliance.control.storage_account_uses_azure_resource_manager --shareSQL
This control uses a named query:
select address as resource, case when (attributes_std -> 'resource_group_name') is null then 'alarm' else 'ok' end status, split_part(address, '.', 2) || case when (attributes_std -> 'resource_group_name') is null then ' does not use azure resource group manager' else ' uses azure resource group manager' end || '.' reason , path || ':' || start_linefrom terraform_resourcewhere type = 'azurerm_storage_account';