Storage containers storing activity logs should only be accessible by authorized personnel

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Description

Storage account containers containing activity log exports should not be publicly accessible. Allowing public access to activity log content may help an adversary identify weaknesses in the affected account’s usage or configuration.

Remediation

From the console

  1. Search for Storage Accounts in the Azure Portal.
  2. Click on the storage account name.
  3. Click Configuration under Settings.
  4. Select Enabled under Allow Blob public access.
  5. Click Containers under Data Storage on the side panel.
  6. Select the insights-activity-logs container.
  7. Click Change access level and set it to Private (no anonymous access), then click OK.