For AI agents: A markdown version of this page is available at https://docs.datadoghq.com/security/default_rules/def-000-etc.md. A documentation index is available at /llms.txt.

Azure storage accounts should not allow cross tenant replication

azure.storage

Description

Cross-tenant replication in Azure enables replicating storage account data from a source in one Azure AD tenant to a destination in another. This allows replication of data outside of your tenant, significantly increasing the risk of data leakage and unauthorized access.

Remediation

To disable cross-tenant replication, see Prevent object replication across Microsoft Entra tenants.