AzPolicyAdvertizer

last sync: 2023-Jun-19 17:45:01 UTC

Community Policy definition

Configure blob soft delete on a storage account

Name Configure blob soft delete on a storage account
Community-Policy GitHub
Id 38ddaa31-ee1f-49c4-9c44-891c24aaed9b
Version 1.0.0
details on versioning
Category Storage
Microsoft docs
Description Blob soft delete protects an individual blob, snapshot, or version from accidental deletes or overwrites by maintaining the deleted data in the system for a specified period of time. During the retention period, you can restore a soft-deleted object to its state at the time it was deleted. After the retention period has expired, the object is permanently deleted. https://learn.microsoft.com/en-us/azure/storage/blobs/soft-delete-blob-overview
Mode All
Type Custom Community
Effect Default
Modify
Allowed
Modify, Deny, Audit, Disabled
Used RBAC Role
Role Name Role Id
Storage Account Contributor 17d1049b-9a84-46fb-8f53-869881c3d3ab
Rule Aliases IF (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Storage/storageAccounts/blobServices/deleteRetentionPolicy.enabled Microsoft.Storage storageAccounts/blobServices properties.deleteRetentionPolicy.enabled true
THEN-Operations (2)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Storage/storageAccounts/blobServices/deleteRetentionPolicy.days Microsoft.Storage storageAccounts/blobServices properties.deleteRetentionPolicy.days true
Microsoft.Storage/storageAccounts/blobServices/deleteRetentionPolicy.enabled Microsoft.Storage storageAccounts/blobServices properties.deleteRetentionPolicy.enabled true
Rule ResourceTypes IF (1)
Microsoft.Storage/storageAccounts/blobServices
JSON