💼 10.3.10 Ensure Azure Resource Manager Delete locks are applied to Azure Storage Accounts (Manual)
- ID:
/frameworks/cis-azure-v4.0.0/10/03/10
Stats​
not available
Description​
Azure Resource Manager CannotDelete (Delete) locks can prevent users from accidentally or maliciously deleting a storage account. This feature ensures that while the Storage account can still be modified or used, deletion of the Storage account resource requires removal of the lock by a user with appropriate permissions. This feature is a protective control for the availability of data. By ensuring that a storage account or its parent resource group cannot be deleted without first removing the lock, the risk of data loss is reduced.
Similar​
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 CIS Azure v5.0.0 → 💼 9.3.9 Ensure Azure Resource Manager Delete locks are applied to Azure Storage Accounts (Manual) | 1 | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|