Notice "We're changing two default security settings in new Azure Storage accounts beginning in August 2023"

加賀崎 隼 185 Reputation points
2023-05-18T01:28:21.5166667+00:00

The following English text has been notified by e-mail, but I am at a loss as to what to do with this alone.

  1. I would like to know specifically where the part that is disabled by default in the attached photo is.
  2. Does this mean that the target of the deactivation is the new storage account and not the existing account?

-- Below is the original text --

We're changing two default security settings in new Azure Storage accounts beginning in August 2023

You're receiving this email because you use Azure Storage.

To align with security best practices, anonymous public access and cross-tenant replication settings in new Azure Storage accounts will soon be disabled by default in all clouds. We'll begin making this change across Azure regions on a rolling basis in August 2023.

We're turning these settings off to help prevent unintentional or malicious data access or replication in all new storage accounts created through any client, the storage REST API, and SDKs.

We recommend keeping these settings disabled. However, if you prefer to turn them on in accounts that you create after this change is implemented, learn how to enable anonymous access and cross-tenant replication. You may also completely opt out of the anonymous access setting being disabled by registering for "EnableAnonymousAccessForNewStorageAccounts" in the Azure portal, PowerShell, or REST API before August 2023.

If you use Azure Policy to enforce authorized access for storage accounts with "Deny" effect or replication within the same tenant, these settings will already be disabled and new accounts will not be affected.

Help and support

If you have questions, get answers from community experts in Microsoft Q&A. If you have a support plan and you need technical help, create a support request:

  1. For Issue type, select Technical.
  2. For Subscription, select your subscription.
  3. For Service, select My services.
  4. For Service type, select Blob Storage.
  5. For Resource, select the Azure resource you are creating a support request for.
  6. For Summary, type a description of your issue.
  7. For Problem type, select Authentication and Authorization for anonymous access or Data Migration for cross-tenant replication.
  8. For Problem subtype, select Issues using Anonymous Access for anonymous access or Issues with object replication for cross-tenant replication.
Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
3,171 questions
Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,862 questions
{count} vote

Accepted answer
  1. TP 95,556 Reputation points
    2023-05-18T01:31:26.88+00:00

    Hi,

    The new defaults only affect new storage accounts created starting in August 2023. Your existing storage accounts will be unchanged.

    For more information on how to enable Blob public access and/or cross-tenant replication for new storage accounts, please see these two articles:

    https://learn.microsoft.com/en-us/azure/storage/blobs/anonymous-read-access-configure

    https://learn.microsoft.com/en-us/azure/storage/blobs/object-replication-prevent-cross-tenant-policies

    If the above answers your question please click Accept Answer. If you still need assistance and/or further clarification please add a comment below.

    Thanks.

    -TP

    2 people found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.