Remediation
From Azure Portalβ
- During Storage Account creation, in the
Encryptiontab, check the box next toEnable infrastructure encryption.
From Azure CLIβ
Replace the information within <> with appropriate values:
az storage account create \ --name <storage-account> \ --resource-group <resource-group> \ --location <location> \ --sku Standard_RAGRS \ --kind StorageV2 \ --require-infrastructure-encryption
From PowerShellβ
Replace the information within <> with appropriate values:
New-AzStorageAccount -ResourceGroupName <resource_group> ` -AccountName <storage-account> ` -Location <location> ` -SkuName "Standard_RAGRS" ` -Kind StorageV2 ` -RequireInfrastructureEncryption
Enabling Infrastructure Encryption after Storage Account Creationβ
If infrastructure encryption was not enabled on blob storage creation, there is no official way to enable it. Please see the additional information section.