💼 10.3.10 Ensure Azure Resource Manager Delete locks are applied to Azure Storage Accounts (Manual)
- ID:
/frameworks/cis-azure-v4.0.0/10/03/10
Description​
Azure Resource Manager CannotDelete (Delete) locks can prevent users from accidentally or maliciously deleting a storage account. This feature ensures that while the Storage account can still be modified or used, deletion of the Storage account resource requires removal of the lock by a user with appropriate permissions.
This feature is a protective control for the availability of data. By ensuring that a storage account or its parent resource group cannot be deleted without first removing the lock, the risk of data loss is reduced.
Similar​
Similar Sections (Give Policies To)​
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|