Description:
 To ensure that Azure Storage Accounts are configured with high availability and resilience, this recommendation mandates the use of Geo-Redundant Storage (GRS) for critical storage accounts. GRS replicates data asynchronously to a secondary region, providing data protection in the event of a regional failure.

Rationale:
 Geo-Redundant Storage (GRS) ensures that your data remains available even during regional outages, improving disaster recovery capabilities and ensuring business continuity. The asynchronous replication to a paired region helps prevent data loss during major failures, making it essential for critical storage.

Impact:
 Enabling GRS for Azure Storage Accounts will incur additional costs due to replication across regions. The setting ensures enhanced availability and protection of critical data, but there may be cost implications for storage and data transfer.

Default Value:
 By default, Azure Storage Accounts might be set to Locally Redundant Storage (LRS), which only provides replication within the same region. Changing to GRS improves redundancy but increases costs.

Pre-requisites:

  • Azure Subscription with Storage Accounts in use.

  • Appropriate role permissions (Storage Account Contributor or higher) to modify redundancy settings.

Audit:

  1. Sign in to the Azure Portal.

  2. Navigate to Storage Accounts.

  3. Select the critical Storage Account you wish to audit.

  4. Under Settings, select Configuration.

  5. Verify that Replication is set to Geo-Redundant Storage (GRS). If it is not set, proceed with remediation.
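The same check can be run across many accounts from the JSON that `az storage account list -o json` returns. The script below is an added example, not part of the original recommendation. It assumes critical accounts carry a `criticality=high` tag (a hypothetical convention), and it marks the other geo-replicated SKUs (RA-GRS, GZRS, RA-GZRS) as REVIEW rather than PASS because the recommendation names GRS only.

```python
import json

# Constructed sample in the shape of `az storage account list -o json`
# (only the fields this check reads). These are not real accounts.
SAMPLE = json.loads("""[
  {"name": "stpayrollprod", "sku": {"name": "Standard_GRS"},   "tags": {"criticality": "high"}},
  {"name": "stordersprod",  "sku": {"name": "Standard_LRS"},   "tags": {"criticality": "high"}},
  {"name": "stauditlogs",   "sku": {"name": "Standard_RAGRS"}, "tags": {"criticality": "High"}},
  {"name": "stmediaprod",   "sku": {"name": "Standard_ZRS"},   "tags": {"criticality": "high"}},
  {"name": "stscratchdev",  "sku": {"name": "Standard_LRS"},   "tags": null}
]""")

# SKU named by the recommendation.
COMPLIANT = {"Standard_GRS"}
# Other SKUs that also replicate to a secondary region; left for a human decision.
GEO_VARIANTS = {"Standard_RAGRS", "Standard_GZRS", "Standard_RAGZRS"}


def audit(accounts, tag_key="criticality", tag_value="high"):
    """Return (name, sku, status) for every account tagged as critical.

    tag_key/tag_value are an assumed tagging convention; adjust to your own.
    """
    findings = []
    for acct in accounts:
        tags = acct.get("tags") or {}          # the CLI emits null when untagged
        if str(tags.get(tag_key, "")).lower() != tag_value:
            continue                            # not in scope of the recommendation
        sku = (acct.get("sku") or {}).get("name", "unknown")
        if sku in COMPLIANT:
            status = "PASS"
        elif sku in GEO_VARIANTS:
            status = "REVIEW"
        else:
            status = "FAIL"                     # LRS, ZRS, Premium_*, unknown
        findings.append((acct["name"], sku, status))
    return findings


if __name__ == "__main__":
    for name, sku, status in audit(SAMPLE):
        print(f"{status:6} {name:16} {sku}")
```

To audit a live subscription, replace `SAMPLE` with the parsed output of `az storage account list -o json`.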

Implementation Steps:

  1. Sign in to the Azure Portal as a Storage Account Contributor or higher.

  2. Go to Storage Accounts in the left-hand navigation menu.

  3. Select the critical Storage Account.

  4. In the Settings section, click on Configuration.

  5. Under Replication, ensure that Geo-Redundant Storage (GRS) is selected.

  6. Save the changes to apply GRS redundancy.

Backout Plan:

  1. Sign in to the Azure Portal as a Storage Account Contributor or higher.

  2. Go to Storage Accounts in the left-hand navigation menu.

  3. Select the critical Storage Account.

  4. In the Settings section, click on Configuration.

  5. Under Replication, change the setting to Locally Redundant Storage (LRS) or another redundancy option as per the previous configuration.

  6. Save the changes.
