Storage containers storing activity logs should only be accessible by authorized personnel

azure.storage
이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

Storage account containers containing activity log exports should not be publicly accessible. Allowing public access to activity log content may help an adversary identify weaknesses in the affected account’s usage or configuration.

Remediation

From the console

  1. Search for Storage Accounts in the Azure Portal.
  2. Click on the storage account name.
  3. Click Configuration under Settings.
  4. Select Enabled under Allow Blob public access.
  5. Click Containers under Data Storage on the side panel.
  6. Select the insights-activity-logs container.
  7. Click Change access level and set it to Private (no anonymous access), then click OK.