Azure_ActivityLogs_6

Ensure the storage account containing the container with activity logs is encrypted with BYOK (Use Your Own Key)

Description

The storage account with the activity log export container is configured to use BYOK (Use Your Own Key).

Remediation

Perform the following in the Azure Console:

  1. In the right column, click the Storage Accounts service to open the Storage account blade
  2. Click the storage account name
  3. In the SETTINGS section, click Encryption. This shows the Storage service encryption configuration pane
  4. Check Use your own key, which expands Encryption Key Settings
  5. Use the Enter key URI or Select from Key Vault option to set up encryption with your own key

Perform the following in Azure Command Line Interface 2.0:

az storage account update --name <name of the storage account> --resource-group <resource group for a storage account> --encryption-key-source=Microsoft.Keyvault --encryption-key-vault <Key Vault URI> --encryption-key-name <KeyName> --encryption-key-version <Key Version>
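
To confirm the remediation took effect, the encryption block of the storage account can be checked from the JSON that az storage account list -o json returns. The following is an added example, not part of the original rule: the account names, vault URI and key values in the sample are constructed, and the function names check_byok and audit are hypothetical.

```python
import json

# Constructed sample in the shape `az storage account list -o json` returns
# (only the fields this check reads); account names are made up.
SAMPLE_ACCOUNTS = json.loads("""
[
  {"name": "activitylogsbyok", "resourceGroup": "rg-logging",
   "encryption": {"keySource": "Microsoft.Keyvault",
                  "keyVaultProperties": {"keyName": "logs-key",
                                         "keyVaultUri": "https://example-vault.vault.azure.net",
                                         "keyVersion": "0123456789abcdef"}}},
  {"name": "activitylogsdefault", "resourceGroup": "rg-logging",
   "encryption": {"keySource": "Microsoft.Storage", "keyVaultProperties": null}},
  {"name": "activitylogsbroken", "resourceGroup": "rg-logging",
   "encryption": {"keySource": "Microsoft.Keyvault", "keyVaultProperties": null}}
]
""")


def check_byok(account):
    """Return (compliant, reason) for one storage account object."""
    enc = account.get("encryption") or {}
    key_source = (enc.get("keySource") or "").lower()
    if key_source != "microsoft.keyvault":
        return False, "keySource is %r, not Microsoft.Keyvault" % enc.get("keySource")
    kv = enc.get("keyVaultProperties") or {}
    missing = [f for f in ("keyVaultUri", "keyName") if not kv.get(f)]
    if missing:
        return False, "keyVaultProperties missing " + ", ".join(missing)
    return True, "customer-managed key %s in %s" % (kv["keyName"], kv["keyVaultUri"])


def audit(accounts, log_account_names):
    """Check only the accounts named as activity log export targets."""
    wanted = set(log_account_names)
    results = {}
    for acct in accounts:
        if acct.get("name") in wanted:
            results[acct["name"]] = check_byok(acct)
    # A named account absent from the listing is reported, not skipped.
    for name in wanted - set(results):
        results[name] = (False, "account not found in listing")
    return results


if __name__ == "__main__":
    names = ["activitylogsbyok", "activitylogsdefault", "activitylogsbroken"]
    for name, (ok, reason) in sorted(audit(SAMPLE_ACCOUNTS, names).items()):
        print("PASS" if ok else "FAIL", name, "-", reason)
```

An account fails when its key source is still the platform-managed default (Microsoft.Storage), and also when the key source says Microsoft.Keyvault but no key vault URI or key name is attached.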

Service

Logging and Monitoring

Severity

High

Compliance

Mapping
