Azure storage account has a blob container with public access
Description
Code Example
```terraform
resource "azurerm_storage_account" "example" {
  name                     = "examplestoracc"
  resource_group_name      = azurerm_resource_group.example.name
  location                 = azurerm_resource_group.example.location
  account_tier             = "Standard"
  account_replication_type = "LRS"
  # ... other configurations ...
+ allow_nested_items_to_be_public = false
  # ... other configurations ...
}
```
Remediation
Terraform
Resource:
- azurerm_storage_account
Arguments:
- allow_nested_items_to_be_public
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0697 |
| Severity | HIGH |
| IaC Type | Terraform |
| Frameworks | Terraform, |
| Checkov ID | CKV_AZURE_190 |