| Plugin Title | Blob Service Immutable |
| Cloud | AZURE |
| Category | Blob Service |
| Description | Ensures data immutability is properly configured for blob services to protect critical data against deletion |
| More Info | Immutable storage helps store data securely by protecting critical data against deletion. |
| AZURE Link | https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-immutable-storage#Getting-started |
| Recommended Action | Enable a data immutability policy for all storage containers in the Azure storage account. |
- Log into the Microsoft Azure Management Console.
- Select the "Search resources, services, and docs" option at the top and search for Storage account.
- Select the "Storage account" by clicking on the "Name" link to access the configuration changes.
- Click on the "Overveiw" in the selected "Storage account" and scroll down the right side of the settings and click on the "Blobs" option.
- On the "Blobs" page select the "Blob" by clicking on the "Name" as a link to access the configuration changes.
- In the selected "Blob", click on the "Access Policy" and check the "Permissions" assosciated with the "Blob". If the "Blob" allow full read,add,create,write, delete, or list permissions then the selected "Blob" is not properly configured in blob services to protect critical data against deletion.
- Repeat steps number 2 - 6 to verify other "Blobs" in the Storage accounts.
- Navigate to the "Storage accounts", select the "Storage account" and click on the "Name", select the "Overview" options and select the "Blob" by clicking on the "Name" as a link to access the configurations.
- On the "Blob" configuration click on the "Access Policy" option and select the "Edit" option to make the changes.
- Uncheck the "Add/Write/Detele/List" policies under the "Permissions" and click on the "OK" button to make the changes.
- Repeat steps number 8 - 10 to ensures data immutability is properly configured in blob services to protect critical data against deletion.
