You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/azure-netapp-files/object-rest-api-introduction.md
+5Lines changed: 5 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -21,6 +21,11 @@ This mapping is accomplished by presenting a specified NAS directory hierarchy a
21
21
* Object REST API buckets are associated with volumes. Deleting the volume associated with a bucket permanently deletes the bucket. This action can't be undone.
22
22
* Buckets are supported with cool access-enabled volumes and with large volumes.
23
23
* You are responsible for maintaining the lifecycle of your bucket certificates. To check the expiration and renew certificates view the **Bucket** menu then check the **Certificate** status and **Certificate expiration date** fields.
24
+
* You must enable diagnostic logging on all Azure Key Vaults to ensure audit trails are available for security investigations.
25
+
* You must configure network access control lists (ACLs) to restrict Key Vault access to only authorized networks (NetApp VNet and customer VNet).
26
+
* You must implement separate Azure Key Vaults for certificates (read-only access) and S3 credentials (write access) to adhere to the principle of least privilege.
27
+
* You must store Azure Key Vaults object references for certificates and credentials in separate buckets to maintain proper access control boundaries.
0 commit comments