Plugin Title | Blob Container Private Access |
Cloud | AZURE |
Category | Blob Service |
Description | Ensures that no blob container has anonymous public access set |
More Info | Blob containers set with public access enable anonymous users to read blobs within a publicly accessible container without authentication. All blob containers should have private access configured. |
AZURE Link | https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blobs-introduction |
Recommended Action | Ensure each blob container is configured to restrict anonymous access |
1. Log into the Microsoft Azure Management Console.
2. Select the "Search resources, services, and docs" option at the top and search for "Storage account".
3. Select the "Storage account" by clicking on its "Name" link to access the configuration settings.
4. Click on "Overview" in the selected "Storage account", scroll down the right side of the settings, and click on the "Blobs" option.
5. Under "Blobs", check the "Public Access" setting. If it is set to Blob/Container, the selected "Blob" has an anonymous public access level.
6. Repeat steps 2 - 5 to verify other Blobs in the "Storage accounts".
7. Navigate to "Storage accounts", select the "Storage account" by clicking on its "Name", select the "Overview" option, and select the "Blob" which needs to have "Private access".
8. Select the "Blob" and click on "Change access level" in the top panel.
9. On the "Change access level" tab, select "Private (no anonymous access)" and click on the "OK" button to make the necessary changes.
10. Repeat steps 7 - 9 to ensure that no blob container has an anonymous public access level.
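The same check and fix can be scripted across many containers. The following is an added example, not part of the plugin or the original page: it audits a saved container listing and emits one Azure CLI remediation command per finding. The JSON shape (a `publicAccess` field either at the top level or under `properties`), the container names and the account name `examplestorageacct` are assumptions constructed for illustration.

```python
import json
import shlex

# Constructed sample in the shape assumed for `az storage container list -o json`.
SAMPLE_LISTING = """
[
  {"name": "invoices",   "properties": {"publicAccess": null}},
  {"name": "site-media", "properties": {"publicAccess": "blob"}},
  {"name": "exports",    "properties": {"publicAccess": "Container"}},
  {"name": "archive",    "publicAccess": "None"},
  {"name": "legacy"}
]
"""

# Spellings treated as "Private (no anonymous access)".
PRIVATE_VALUES = {"", "none", "off"}


def access_level(container):
    """Return the normalized access level, or None when the container is private."""
    props = container.get("properties") or {}
    raw = container.get("publicAccess") or props.get("publicAccess")
    level = str(raw or "").strip().lower()
    return None if level in PRIVATE_VALUES else level


def find_public_containers(listing_json):
    """Return sorted (name, level) pairs for containers that allow anonymous reads."""
    containers = json.loads(listing_json)
    findings = [(c["name"], access_level(c)) for c in containers if access_level(c)]
    return sorted(findings)


def remediation_commands(account_name, findings):
    """Build one `az storage container set-permission` command per finding."""
    return [
        "az storage container set-permission"
        f" --account-name {shlex.quote(account_name)}"
        f" --name {shlex.quote(name)} --public-access off"
        for name, _level in findings
    ]


if __name__ == "__main__":
    findings = find_public_containers(SAMPLE_LISTING)
    for name, level in findings:
        print(f"FAIL {name}: anonymous access level '{level}'")
    for cmd in remediation_commands("examplestorageacct", findings):
        print(cmd)
```

Containers with a missing or null `publicAccess` value are treated as private, so only an explicit Blob or Container level is reported.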