Microsoft Storage
Best practices and references below are based on published guidance from the cloud service provider and may reference native capabilities the cloud service provider offers. If you are not using the native security capabilities, the same security requirement can be met using other security capabilities your organization utilizes
Design Guidance:
Tags | ||
Tags-Additional Properties |
Design Guidance:
Identity-Type |
Design Guidance:
Blob-Enabled | ||
Blob-Key Type |
Design Guidance:
Encryption-Key Source | ||
Encryption-Keyvaultproperties | ||
Keyvaultproperties-Keyname | ||
Keyvaultproperties-Keyversion | ||
Keyvaultproperties-Keyvaulturi |
Design Guidance:
Network Acls-Bypass | ||
Virtual Network Rules-Id | ||
Virtual Network Rules-Action | ||
Virtual Network Rules-State |
Network Acls-Ip Rules | ||
Ip Rules-Value | ||
Ip Rules-Action | ||
Network Acls-Default Action |
Design Guidance:
Access Tier |
Design Guidance:
Supports HTTPS Traffic Only |
Routing Preference-Routing Choice | ||
Routing Preference-Publish Microsoft Endpoints | ||
Routing Preference-Publish Internet Endpoints |
Cors | |
Cors Rules-Allowed Methods |
Cors Rules-Allowed Methods |
Cors-Cors Rules | |
Cors Rules-Allowed Origins | |
Cors Rules-Max Age In Seconds | |
Cors Rules-Exposed Headers | |
Cors Rules-Allowed Headers |
Cors | |
Cors-Cors Rules | |
Cors Rules-Allowed Origins | |
Cors Rules-Max Age In Seconds | |
Cors Rules-Exposed Headers | |
Cors Rules-Allowed Headers |
Delete Retention Policy-Enabled | |
Delete Retention Policy-Days |
Design Guidance:
Automatic Snapshot Policy Enabled |
Public Access |
Azure Files Identity Based Authentication-Active Directory Properties | ||
Active Directory Properties-Domain Name | ||
Active Directory Properties-Net Bios Domain Name | ||
Active Directory Properties-Forest Name | ||
Active Directory Properties-Domain Guid | ||
Active Directory Properties-Domain Sid | ||
Active Directory Properties-Azure Storage Sid |
Design Guidance:
Name | |
Private Link Service Connection State-Status | |
Private Link Service Connection State-Description | |
Private Link Service Connection State-Action Required |
Provisioning State |
Last modified 1yr ago