- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Disallowing public access for a storage account overrides the public access settings for individual containers in that storage account.
By default, Public access level
is set to Private (no anonymous access)
for blob containers and AllowBlobPublicAccess
is set to Null
(allow in effect) for storage accounts.
It is recommended that you avoid providing anonymous access to blob containers unless necessary. A Shared Access Signature (SAS) token or Azure AD RBAC should be used for providing controlled and timed access to blob containers. If no anonymous access is needed on any container in the storage account, it’s recommended to set allowBlobPublicAccess
to false at the account level, which prevents any container from accepting anonymous access in the future.
Access must be managed using shared access signatures or with Azure AD RBAC.
Note: You must create a SAS token for your blob containers before completing the following remediation steps.
First, follow Microsoft documentation and create SAS tokens for your blob containers. Then, follow the steps below:
Set Allow Blob Public Access to false
on the storage account.
az storage account update --name <storage-account> --resource-group <resource-group> --allow-blob-public-access false