|
1 | 1 | # PSRule |
2 | 2 |
|
3 | | -## /workspaces/PsRule-Demo/modules/storage/v1/.tests/storage.tests.bicep : Microsoft.Resources/deployments |
4 | | - |
5 | | -- [X] Azure.Deployment.OutputSecretValue |
6 | | -- [X] Azure.Deployment.AdminUsername |
7 | | -- [X] Azure.Deployment.SecureValue |
8 | | -- [X] Azure.Deployment.OuterSecret |
9 | | -- [X] Azure.Template.ParameterStrongType |
10 | | -- [X] Azure.Template.ExpressionLength |
11 | | - |
12 | 3 | ## helper : Microsoft.Resources/deployments |
13 | 4 |
|
14 | 5 | - [X] Azure.Deployment.OutputSecretValue |
15 | 6 | - [X] Azure.Deployment.AdminUsername |
| 7 | +- [X] Azure.Deployment.SecureParameter |
16 | 8 | - [X] Azure.Deployment.SecureValue |
17 | 9 | - [X] Azure.Template.ParameterStrongType |
18 | 10 | - [X] Azure.Template.ExpressionLength |
19 | 11 | - [X] Azure.Deployment.Name |
20 | 12 |
|
21 | 13 | ## sapsruledemoqrgc : Microsoft.Storage/storageAccounts |
22 | 14 |
|
23 | | -- [X] Azure.Resource.UseTags |
| 15 | +- [ ] Azure.Resource.UseTags |
| 16 | + |
| 17 | +Consider tagging resources using a standard convention. Identify mandatory and optional tags then tag all resources and resource groups using this standard. |
| 18 | +Also consider using Azure Policy to enforce mandatory tags. |
| 19 | + |
| 20 | +- [X] Azure.Resource.AllowedRegions |
24 | 21 | - [X] Azure.Storage.SoftDelete |
25 | 22 | - [X] Azure.Storage.BlobAccessType |
26 | 23 | - [X] Azure.Storage.Name |
27 | 24 | - [X] Azure.Storage.ContainerSoftDelete |
28 | | -- [X] Azure.Storage.Firewall |
| 25 | +- [X] Azure.Storage.Defender.MalwareScan |
| 26 | +- [ ] Azure.Storage.Firewall |
| 27 | + |
| 28 | +Consider configuring storage firewall to restrict network access to permitted clients only. Also consider enforcing this setting using Azure Policy. |
| 29 | + |
29 | 30 | - [X] Azure.Storage.MinTLS |
30 | 31 | - [X] Azure.Storage.SecureTransfer |
31 | 32 | - [X] Azure.Storage.BlobPublicAccess |
0 commit comments