What's new?
- Users can now enable/disable
Table loggingforStorage AccountsviaAzure > Storage > Storage Account > Table > Loggingcontrol. To get started, set theAzure > Storage > Storage Account > Table > Loggingpolicy.
Control Types
- Azure > Storage > Storage Account > Encryption at Rest
- Azure > Storage > Storage Account > Table
- Azure > Storage > Storage Account > Table > Logging
Policy Types
- Azure > Storage > Storage Account > Encryption at Rest
- Azure > Storage > Storage Account > Encryption at Rest > Customer Managed Key
- Azure > Storage > Storage Account > Table
- Azure > Storage > Storage Account > Table > Logging
- Azure > Storage > Storage Account > Table > Logging > Properties
- Azure > Storage > Storage Account > Table > Logging > Retention Days
Action Types
Azure > Storage > Storage Account > Update Encryption at Rest
Azure > Storage > Storage Account > Update Storage Account Table Logging
The Storage Account CMDB data will now also include information about the account's table service properties.
We've removed the dependency on
listKeyspermission forAzure > Storage Account > Container > Discoveryto run its course to completion. This release includes breaking changes in the CMDB data for containers. We recommend updating your existing policy settings to refer to the updated attributes as mentioned below.
Renamed:
isImmutableStorageWithVersioningEnabled to isImmutableStorageWithVersioning.enabled
Removed:
preventEncryptionScopeOverride
Bug fixes
- The
Azure > Storage > Storage Account > CMDBcontrol would go into an error state while trying to fetch default Queue and Blob properties if Guardrails did not have permission to list the storage account keys. The control will now not attempt to fetch default Queue and Blob properties if Guardrails does not have the required access forlistKeys, and will run its course to completion without going into an error state.