Remediation
From Azure Portalβ
- Go to
Storage Accounts. - For each Storage Account, under
Data management, go toData protection. - Check the box next to
Enable soft delete for blobs. - Check the box next to
Enable soft delete for containers. - Set the retention period for both to a sufficient length for your organization.
- Click
Save.
From Azure CLIβ
Update blob storage retention days in below command:
az storage blob service-properties delete-policy update --days-retained <RetentionDaysValue> --account-name <StorageAccountName> --account-key <AccountKey> --enable true
Update container retention with the below command:
az storage account blob-service-properties update --enable-container-delete-retention true --container-delete-retention-days <days> --account-name <storageAccount> --resource-group <resourceGroup>