Storage Accounts outside Brazil

Identify Storage Accounts outside of the following region: South America - Brazil (brazilsouth and brazilsoutheast)

Risk Level: Low
Cloud Entity: Azure Storage Account
CloudGuard Rule ID: D9.AZU.NET.65
Covered by Spectral: No
Category: Storage

GSL LOGIC

StorageAccount should have region='brazilsouth' or region='brazilsoutheast' and ( secondaryRegion='brazilsouth' or secondaryRegion='brazilsoutheast' or secondaryRegion isEmpty() )

REMEDIATION

Please refer to Azure documentations about Storage Accounts:
https://docs.microsoft.com/en-us/azure/storage/common/storage-create-storage-account

and

Azure documentations about Regions:
https://azure.microsoft.com/en-us/global-infrastructure/regions/#services

Azure Storage Account

An Azure storage account provides a unique namespace to store and access your Azure Storage data objects. All objects in a storage account are billed together as a group. By default, the data in your account is available only to you, the account owner.

Compliance Frameworks

  • Azure LGPD regulation
  • CloudGuard Azure All Rules Ruleset