HIGH
Source: CloudSploit
ID: blob-service-immutable

Blob Service Immutable

Ensures data immutability is properly configured for blob services to protect critical data against deletion.

Immutable storage helps store data securely by protecting critical data against deletion.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the Microsoft Azure Management Console.

  2. Find the search bar at the top and search for “Storage accounts”.

  3. Select the storage account by clicking on its “Name” link to access the configuration settings.

  4. In the “Data Management” section, click on the “Data protection” tab. Enable soft delete for blobs or containers based on your required level and save.

  5. Now, in the left navigation panel, click on “Containers” under “Data Storage”.

  6. In the containers list, select the container by clicking on the triple dots (…) on the extreme right and select “Access Policy”.

  7. In the “Access Policy” panel, create an immutable blob storage access policy for the container (time-based or legal hold).

  8. To create a policy with container scope, do not check the “Enable version-level immutability” box, then click save.

  9. Repeat steps 5 - 8 to ensure data immutability is properly configured in blob services to protect critical data against deletion.
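To confirm the outcome of steps 5 - 8 across every container, the added example below (not CloudSploit's own code) classifies container records in the shape assumed from the JSON output of `az storage container-rm list`. The field names `hasImmutabilityPolicy`, `hasLegalHold` and `immutabilityPolicy.state` are assumptions about that output, the sample records are constructed, and the check goes slightly beyond the steps by flagging time-based policies that are still unlocked.

```python
# Added example: audit container records for the immutability settings
# applied in steps 5 - 8. Field names are assumed from the JSON printed by
# `az storage container-rm list --storage-account <name> -o json`.

def classify(container):
    """Return (status, detail) for one container record."""
    if container.get("hasLegalHold"):
        return "PASS", "legal hold"
    if container.get("hasImmutabilityPolicy"):
        policy = container.get("immutabilityPolicy") or {}
        days = policy.get("immutabilityPeriodSinceCreationInDays", "?")
        state = policy.get("state", "Unknown")
        # An unlocked time-based policy can still be deleted, so surface it
        # separately instead of treating it as fully protected.
        status = "PASS" if state == "Locked" else "WARN"
        return status, f"time-based retention, {days} days, {state}"
    return "FAIL", "no immutability policy or legal hold"


def audit_containers(containers):
    """Map container name -> (status, detail), keeping input order."""
    return {c.get("name", "<unnamed>"): classify(c) for c in containers}


def failing(containers):
    """Names of containers that still need steps 5 - 8 applied."""
    results = audit_containers(containers)
    return [name for name, (status, _) in results.items() if status == "FAIL"]


# Constructed sample records (not taken from a real storage account).
SAMPLE = [
    {"name": "audit-logs", "hasImmutabilityPolicy": True, "hasLegalHold": False,
     "immutabilityPolicy": {"state": "Locked",
                            "immutabilityPeriodSinceCreationInDays": 365}},
    {"name": "backups", "hasImmutabilityPolicy": True, "hasLegalHold": False,
     "immutabilityPolicy": {"state": "Unlocked",
                            "immutabilityPeriodSinceCreationInDays": 30}},
    {"name": "case-files", "hasImmutabilityPolicy": False, "hasLegalHold": True},
    {"name": "scratch", "hasImmutabilityPolicy": False, "hasLegalHold": False},
]

if __name__ == "__main__":
    for name, (status, detail) in audit_containers(SAMPLE).items():
        print(f"{status:4} {name}: {detail}")
    print("Needs remediation:", failing(SAMPLE))
```

To run it against a real account, save the CLI's JSON output to a file and pass the parsed list to `audit_containers` in place of `SAMPLE`.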