I’m seeing many Azure findings consistently showing as UNKNOWN even after applying all required Storage and Key Vault permissions.
This is not an IAM issue. Based on verification:
- The Storage Accounts do not have File/Queue/Table services enabled, but CloudSploit still marks ACL-related checks as UNKNOWN instead of FAIL.
- The Key Vaults are using RBAC authorisation and contain no keys/secrets/certificates with expiry, causing checks like keyExpirationEnabled, secretExpirationEnabled, rsaCertificateKeySize, and keyVaultKeyExpiryNonRbac to always return UNKNOWN.
The results do not change.
This looks like a CloudSploit evaluation logic issue, not a permissions gap.
Please confirm if these checks should return FAIL when the underlying Azure service/config isn’t present or when the vault uses RBAC mode.