Blob Containers anonymous access should be restricted

Documentos > Datadog Security > OOTB Rules > Blob Containers anonymous access should be restricted

Esta página aún no está disponible en español. Estamos trabajando en su traducción.
Si tienes alguna pregunta o comentario sobre nuestro actual proyecto de traducción, no dudes en ponerte en contacto con nosotros.

Description

Ensures that Azure Storage Blob Containers are not publicly accessible.

Rationale

Anonymous access to Azure storage blob containers allows unauthenticated users to perform operations against the blob container. Datadog recommends only allowing authenticated users access to storage blobs.

Remediation

Datadog recommends both making the Blob Container private, and blocking public access at the storage account level.

From the Console

Follow the Set the public access level for a container - Azure Console guide to disable anonymous read access with the Azure Console.

Follow the Remediate anonymous public access for the storage account guide to block public access at the storage account level with the Azure Console.

From the Azure CLI

Follow the Set the public access level for a container - Azure CLI guide to disable anonymous read access with the Azure CLI.

Follow the Remediate anonymous public access for the storage account guide to block public access at the storage account level with the Azure CLI.