Blob Container allows anonymous access

azure.storage

Description

Anonymous access to Azure storage blob containers allows unauthenticated users to perform operations against the blob container. Datadog recommends only allowing authenticated users access to storage blobs.

Remediation

From the Console

Follow the Set the public access level for a container - Azure Console guide to disable anonymous read access with the Azure Console.

Follow the Remediate anonymous public access for the storage account guide to block public access at the storage account level with the Azure Console.

From the Azure CLI

Follow the Set the public access level for a container - Azure CLI guide to disable anonymous read access with the Azure CLI.

Follow the Remediate anonymous public access for the storage account guide to block public access at the storage account level with the Azure CLI.