Pattern: Enabled public access for Azure storage container
Issue: -
Storage container public access should be off. It can be configured for blobs only, containers and blobs or off entirely. The default is off, with no public access.
Explicitly overriding publicAccess to anything other than off should be avoided.
Resolution: Disable public access to storage containers.
Example of incorrect code:
resource "azure_storage_container" "bad_example" {
  name                  = "terraform-container-storage"
  container_access_type = "blob"

  properties = {
    "publicAccess" = "blob"
  }
}
Example of correct code:
resource "azure_storage_container" "good_example" {
  name = "terraform-container-storage"
  # "private" means no anonymous access; "blob" here would contradict publicAccess = "off"
  container_access_type = "private"

  properties = {
    "publicAccess" = "off"
  }
}
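One way to check Terraform source for this pattern before it is applied, as an added example that is not part of the original rule or of any scanner's own code. It assumes the azurerm provider's resource name azurerm_storage_container is in scope alongside the name used on this page, and that "private" is the only container_access_type value without anonymous access; the function names and the sample input are constructed for illustration.

```python
import re

# Resource types to inspect: the name used on this page plus the azurerm
# provider's name for the same resource (assumption: both are in scope).
RESOURCE_TYPES = ("azure_storage_container", "azurerm_storage_container")
# Attribute -> the only value that means "no anonymous access".
SAFE_VALUES = {"publicAccess": "off", "container_access_type": "private"}
BLOCK_RE = re.compile(r'resource\s+"(%s)"\s+"([^"]+)"\s*\{' % "|".join(RESOURCE_TYPES))
ATTR_RE = re.compile(r'^\s*"?(publicAccess|container_access_type)"?\s*=\s*"([^"]*)"', re.M)

def block_body(text, start):
    """Return the text from just after an opening brace to its matching close."""
    depth = 1
    for i in range(start, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[start:i]
    return text[start:]  # unbalanced input: scan to the end rather than skip it

def find_public_containers(hcl):
    """List (resource_name, attribute, value) for every public-access setting."""
    findings = []
    for m in BLOCK_RE.finditer(hcl):
        for attr, value in ATTR_RE.findall(block_body(hcl, m.end())):
            if value.lower() != SAFE_VALUES[attr]:
                findings.append((m.group(2), attr, value))
    return findings

# Constructed sample input, not taken from a real repository.
SAMPLE = '''
resource "azure_storage_container" "public_blobs" {
  properties = {
    "publicAccess" = "blob"
  }
}
resource "azurerm_storage_container" "locked_down" {
  container_access_type = "private"
}
resource "azurerm_storage_container" "listing_open" {
  container_access_type = "container"
}
'''

if __name__ == "__main__":
    for name, attr, value in find_public_containers(SAMPLE):
        print(f"{name}: {attr} = {value!r} allows anonymous access")
```

Commented-out lines are skipped because the attribute pattern is anchored to the start of a line; braces inside string values are not handled by this simple matcher.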