<  Back to rules search

Immutable Blob Storage is enabled

azure.storage

Set up the azure.storage integration.

Description

Immutability is enabled for Azure Storage Blobs.

Rationale

Immutability for Azure Blob enables Writes once read many (WORM) state storage, which protects data from being overwritten or deleted.

The two types of immutability policies are time-based retention and legal hold. Time-based policies are cleared when the time period expires. Legal holds are cleared when they are manually modified.

Remediation

From the console

Follow the Enable version-level immutability support on a storage account - Azure Console guide to enable version-level immutability with the Azure Console.

From the command line

Follow the Enable version-level immutability support on a storage account - Azure CLI guide to enable version-level immutability with the Azure CLI.