Network access bypass for Trusted Microsoft Services is not enabled on the storage account Affecting Storage service in Azure


Severity

0.0
medium
0
10
    Severity Framework
    Snyk CCSS
    Rule category
    Data / Access

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
    Frameworks
    CIS-Azure CIS-Controls
  • Snyk ID SNYK-CC-00598
  • credit Snyk Research Team

Description

Trusted network services cannot be whitelisted via network rules. When any network rule is configured, the trusted services will not be able to access the storage account. Note, by default there is no network rule configured.

How to fix?

Set properties.networkAcls.bypass attribute to `'Azure Services'. Ensure to add appropriate rules for your application alongside the proposed remediation step.