Catégorie : Divers

Identify Public Storage Account

Hi!

By default, a storage account allows public access to be configured for containers in the account, but does not enable public access to your data. Public access to blob data is never permitted unless you take the additional step to explicitly configure the public access setting for a container.

Microsoft introduced a new protection feature to help avoid public access on storage account. The feature introduces a new property named allowBlobPublicAccess.

Microsoft recommends that you disallow public access to a storage account unless your scenario requires it. Disallowing public access helps to prevent data breaches caused by undesired anonymous access.

In this article, I will you show you how you can identify these storage accounts with an Azure Graph query:

resources
| where type =~ 'Microsoft.Storage/storageAccounts'
| extend allowBlobPublicAccess = parse_json(properties).allowBlobPublicAccess
| project name, resourceGroup, allowBlobPublicAccess

Few months ago, I written an article to show you how you can identify these storage accounts with an audit Azure Policy: https://zigmax.net/identifier-les-comptes-de-stockage-publiques/ (This article is written in French).

Maxime.

Azure Graph – List Public IPs

Hi,

In this article, I will show you how you can list all the public IPs of your Azure tenant.

Please, run the following script in Azure Resource Graph Explorer:

 Resources
 | where type contains 'publicIPAddresses' and isnotempty(properties.ipAddress) 
 | project
     name,
     properties.ipAddress,
     properties.publicIPAllocationMethod 
 | limit 100 

Maxime.