Storage Table Allows All ACL Permissions
- Query id: 3ac3e75c-6374-4a32-8ba0-6ed69bda404e
- Query name: Storage Table Allows All ACL Permissions
- Platform: Terraform
- Severity: Medium
- Category: Access Control
- URL: Github
Description
Azure Storage Table should not allow all ACL (Access Control List) permissions - r (read), w (write), d (delete), and l (list).
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - tf file
resource "azurerm_storage_table" "table_resource" {
  name                 = "my_table_name"
  storage_account_name = "mystoragexxx"

  acl {
    id = "someid-1XXXXXXXXX"

    access_policy {
      expiry      = "2022-10-03T05:05:00.0000000Z"
      permissions = "rwdl" # all four permissions granted: this is what the query flags
      start       = "2021-05-28T04:05:00.0000000Z"
    }
  }
}
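
The same condition can also be checked on a rendered plan rather than on the `.tf` source. The following is an added example, not the query's own code: it assumes plan JSON in the shape produced by `terraform show -json`, uses a constructed sample plan, and the function name `find_full_acl_tables` and the resource names other than `table_resource` are hypothetical.

```python
import json

ALL_PERMS = set("rwdl")  # the four letters named in the description above

# Constructed sample, shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "azurerm_storage_table.table_resource",
     "type": "azurerm_storage_table",
     "change": {"after": {"acl": [
         {"id": "someid-1XXXXXXXXX",
          "access_policy": [{"permissions": "rwdl"}]}]}}},
    {"address": "azurerm_storage_table.read_only",
     "type": "azurerm_storage_table",
     "change": {"after": {"acl": [
         {"id": "constructed-id-2",
          "access_policy": [{"permissions": "r"}]}]}}},
    {"address": "azurerm_storage_table.shuffled",
     "type": "azurerm_storage_table",
     "change": {"after": {"acl": [
         {"id": "constructed-id-3",
          "access_policy": [{"permissions": "dlrw"}]}]}}},
    # A resource being destroyed has "after": null in the plan.
    {"address": "azurerm_storage_table.destroyed",
     "type": "azurerm_storage_table",
     "change": {"after": None}},
]})


def find_full_acl_tables(plan_json):
    """Return (address, acl id) pairs whose policy grants all of r, w, d, l."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        if rc.get("type") != "azurerm_storage_table":
            continue
        after = (rc.get("change") or {}).get("after") or {}
        for acl in after.get("acl") or []:          # acl blocks are optional
            for policy in acl.get("access_policy") or []:
                perms = set(policy.get("permissions") or "")
                if ALL_PERMS <= perms:              # letter order is irrelevant
                    findings.append((rc["address"], acl.get("id")))
    return findings


if __name__ == "__main__":
    for address, acl_id in find_full_acl_tables(SAMPLE_PLAN):
        print(f"{address}: acl {acl_id} grants all of r, w, d, l")
```

Comparing the permission letters as a set catches strings such as `dlrw` that a literal match on `rwdl` would miss.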