HIGH
Source: CloudSploit
ID: blob-service-immutable

Blob Service Immutable

Ensures data immutability is properly configured for blob services to protect critical data against deletion.

Immutable storage helps store data securely by protecting critical data against deletion.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the Microsoft Azure Management Console.

  2. Find the search bar at the top and search for “Storage accounts”.

  3. Select the “Storage account” by clicking on the “Name” link to access the configuration changes.

  4. In the left navigation panel, click on “Containers” under “Data Storage”.

  5. In the Containers list, select the container by clicking on the triple dots (…) on the extreme right and select “Access Policy”.

  6. In the “Access Policy” panel, check the “Permissions” associated with the “Blob”. If the “Blob” allows full (racwdl) read, add, create, write, delete, or list permissions, then the selected “Blob” is not properly configured in blob services to protect critical data against deletion.

  7. To change permissions in the “Access Policy” panel, click on the triple dots (…) at the right and select “Edit”.

  8. Uncheck the “Add/Write/Delete/List” policies under the “Permissions” and click on the “OK” button to make the changes.

  9. Repeat steps 5 - 8 to ensure data immutability is properly configured in blob services to protect critical data against deletion.
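The check in steps 5 - 8 can be run across many containers at once. The following is an added example, not CloudSploit's own code: it takes an inventory of access policy permission strings per container and reports which policies carry the permissions step 8 unchecks, and what string remains afterwards. The inventory shape, the container and policy names, and the function names are assumptions constructed for illustration.

```python
"""Audit access policy permission strings per container (steps 5 - 8)."""

# Permission letters and their meaning, in the order step 6 lists them.
PERMISSION_NAMES = {
    "r": "read", "a": "add", "c": "create",
    "w": "write", "d": "delete", "l": "list",
}
# Step 8 unchecks Add/Write/Delete/List.
FLAGGED = set("awdl")


def audit_policy(permission):
    """Evaluate one permission string such as 'racwdl'."""
    letters = set(permission.lower())
    unknown = sorted(letters - set(PERMISSION_NAMES))
    if unknown:
        raise ValueError(f"unknown permission letters: {unknown}")
    return {
        # Step 6: full racwdl means the container is not protected.
        "full_access": letters == set(PERMISSION_NAMES),
        "flagged": [PERMISSION_NAMES[p] for p in PERMISSION_NAMES
                    if p in letters and p in FLAGGED],
        # Permission string left once the step 8 boxes are unchecked.
        "remediated": "".join(p for p in PERMISSION_NAMES
                              if p in letters and p not in FLAGGED),
    }


def audit_containers(inventory):
    """Return one finding per policy that still grants a flagged permission."""
    findings = []
    for container, policies in sorted(inventory.items()):
        for policy_id, permission in sorted(policies.items()):
            result = audit_policy(permission)
            if result["flagged"]:
                findings.append({"container": container, "policy": policy_id,
                                 "permission": permission, **result})
    return findings


# Constructed sample inventory (hypothetical names): container -> policy -> permissions.
SAMPLE_INVENTORY = {
    "audit-logs": {"readers": "r"},
    "backups": {"ops-full": "racwdl", "uploader": "cw"},
    "invoices": {"legacy-app": "rwl"},
}

if __name__ == "__main__":
    for f in audit_containers(SAMPLE_INVENTORY):
        print(f"{f['container']}/{f['policy']}: {f['permission']} grants "
              f"{', '.join(f['flagged'])}; after step 8: {f['remediated'] or '(none)'}")
```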