Skip to content

Commit 21fa5ac

Browse files
committed
Add private access for storage scanner from defender
1 parent 3912ca9 commit 21fa5ac

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

code/infra/storage.tf

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,10 @@ resource "azurerm_storage_account" "storage" {
3434
default_action = "Deny"
3535
ip_rules = []
3636
virtual_network_subnet_ids = []
37+
private_link_access {
38+
endpoint_resource_id = "/subscriptions/${data.azurerm_client_config.current.subscription_id}/providers/Microsoft.Security/datascanners/storageDataScanner"
39+
endpoint_tenant_id = data.azurerm_client_config.current.tenant_id
40+
}
3741
}
3842
nfsv3_enabled = false
3943
public_network_access_enabled = false

0 commit comments

Comments
 (0)