Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

blinQ: Fix issue with wrong compliance state for blob storage with no table services. #1078

Closed
wants to merge 2 commits into from
Closed

blinQ: Fix issue with wrong compliance state for blob storage with no table services. #1078

wants to merge 2 commits into from

Conversation

heintonny
Copy link

The policy identify wrong policy state for blob storages with no table services.

We suggest this update to the policyRule to require at least 1 instance of tables.

@heintonny heintonny requested review from pilor and robga as code owners January 6, 2023 09:30
@heintonny
Copy link
Author

The sugested solution will require a new alias tables

@heintonny
Copy link
Author

Update commit. Changed to validate if

      {
        "field": "Microsoft.Storage/storageAccounts/tableServices/tables/tableName",
        "exists": true
      }

.... this seems to work. Simple blob storage accounts no longer get wrong compliance state, need to test if the policy still evaluate table storage correctly.

@robga
Copy link
Collaborator

robga commented Dec 7, 2023

Changes can not be made to built-in policies directly in this repo. If you find an issue in a built-in policy, feel free to open an issue, or open a Microsoft Azure support ticket. Changes to built-ins are made out-of-band and will be represented in this repo after the next built-in policy release.
https://github.com/Azure/azure-policy/tree/master/built-in-policies#contributing

I have notified the team who owns this built-in policy for the issue. They will triage it.

@robga robga closed this Dec 7, 2023
@robga robga reopened this Dec 7, 2023
@johnmic
Copy link

johnmic commented Dec 22, 2023

Storage Resource API team has looked into this, and it looks like there is an inconsistency in the LIST tableService and GET tableService APIs which is causing the issue. We plan to address it there and make it so a workaround like this should not be necessary.

@robga robga closed this Dec 25, 2023
@theautomationdude theautomationdude mentioned this pull request Jan 8, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pilor pilor Awaiting requested review from pilor

@robga robga Awaiting requested review from robga robga is a code owner

@cemheren cemheren Awaiting requested review from cemheren cemheren is a code owner

@gokmen-msft gokmen-msft Awaiting requested review from gokmen-msft gokmen-msft is a code owner

@calecarter calecarter Awaiting requested review from calecarter calecarter is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@heintonny @robga @johnmic