Ensure that backup snapshots, replicas, and cross-region copies of the service or a child resource are not more accessible than the primary resource.
Core / Ccc / Controls / v2025.10
Restrict Snapshot and Replica Access
CCC.Core.CN19 · Data Resilience
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.CP08 | Data Replication | The service automatically replicates data across multiple deployments simultaneously with parity, or may be configured to do so. |
| CCC.Core.CP12 | Recovery | The service can be reverted to a previous state by providing a compatible backup or snapshot identifier. |
| CCC.Core.CP21 | Resource Replication | The service may be configured to replicate child resources across multiple deployments. |
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.Core.TH05 | Interference with Replication Processes | Misconfigured or manipulated replication processes may lead to data being copied to unintended locations, delayed, modified, or not being copied at all. This could lead to compromised data confidentiality and integrity, potentially also affecting recovery processes and data availability. |
Assessment Requirements
| ID | Text | Applicability |
|---|---|---|
| CCC.Core.CN19.AR01 | When a snapshot or replica of the service or a child resource is created, the service MUST apply access controls that are equivalent to or stricter than those on the primary resource. | tlp-clear, tlp-green, tlp-amber, tlp-red |
| CCC.Core.CN19.AR02 | When cross-account or cross-subscription replication is configured, the service MUST restrict replica access to an explicit allowlist of authorized destination accounts or projects. | tlp-amber, tlp-red |