Password Protection to verify container delete
Include an option to "Password Protect" storage containers so that a user must enter the account password to verify the deletion of a container -- this will help prevent accidental deletes.
Background: While doing some testing it became apparent how easy it was to delete a container and all blobs within it -- Simply click the Delete icon for any container and then click "Yes" to confirm and all your production blobs may soon be magnetic dust -- and because most production code will automatically (re)create a container if it does not exist, you will NOT be able to recover your data (see point 2 below):
This from Microsoft:
If you delete a Blob Storage Container, we cannot guarantee that the data can be recovered. We can initiate a best effort option, though; if the data hasn’t been garbage collected yet, we would open a critical response incident ticket as soon as possible. For more information, feel free to visit the Azure Storage webpage. Also, it is always good practice to keep a backup of your data, but if this were to happen, the hypothetical procedure (behind the scenes) would be:
1. Storage doesn’t provide in-place recovery, which means the data won’t be restored to the original storage account. Instead, it will be put in the secondary region.
2. We would ask you NOT to recreate the containers. It is crucial that a container with the same name is not made because this will overwrite the path to the pre-existing container, losing all chance of recovery
3. If the storage account in question is a LRS account, recovery is not possible. If it is GRS or RAGRS, we would ask you to execute the following steps:
a. You would need to generate a read+list permissions SAS token for the container you want to recover, setting the expiry time to be at least 7 days in the future so the recovery has time to be recovered.
b. You must make your account RAGRS via the portal. I would recommend doing this anyway, as the data is safer in this kind of storage.
Bottom line -- if you have a production system and some intern or newbie decides to delete a container that holds production data, you are basically doomed.