...

  1. Require Secure Transfer when creating the Storage Account resource, so that every call to an Azure Storage REST API operation must be made over HTTPS.

  2. Configuration of Firewalls and Virtual Networks: there are 2 configurations to take into account…

    1. Configure access from on-premises networks: Configure Azure Storage firewalls and virtual networks | Microsoft Learn
      To allow access to your service resources, you must allow these public IP addresses in the firewall setting for resource IPs (Azure ExpressRoute, VPN).

    2. Configure access from other Azure services / Azure resources: Configure Azure Storage firewalls and virtual networks | Microsoft Learn
      We can control access to the Storage Account over network endpoints from selected virtual network subnets, using private endpoints and not service endpoints. Virtual Network Service Endpoints are public and accessible via the Internet, and we don’t want that. Private endpoints, on the other hand, use a private IP address to access the Storage Account over the Microsoft backbone network.
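The rules listed above can be checked against a storage account's ARM properties before or after deployment. The following Python check is an added example, not part of the original page; the sample resource is constructed, and the `audit` function and its `onprem_public` parameter (the expected on-premises public egress ranges) are hypothetical names.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: trimmed ARM properties of a storage account (not real data).
SAMPLE = {"name": "examplestorage", "properties": {
    "supportsHttpsTrafficOnly": False,
    "networkAcls": {
        "defaultAction": "Allow",
        "ipRules": [{"value": "203.0.113.0/24", "action": "Allow"},
                    {"value": "10.1.0.0/16", "action": "Allow"}],
        "virtualNetworkRules": [{"id": "<subnet-resource-id>"}]},
    "privateEndpointConnections": []}}

def audit(account, onprem_public):
    """Return the findings for one storage account resource (empty list = compliant)."""
    props = account.get("properties", {})
    acls = props.get("networkAcls", {})
    allowed = [ipaddress.ip_network(n) for n in onprem_public]
    findings = []
    if props.get("supportsHttpsTrafficOnly") is not True:
        findings.append("secure transfer (HTTPS only) is not required")
    if acls.get("defaultAction") != "Deny":
        findings.append("firewall default action is not Deny")
    for rule in acls.get("ipRules", []):
        net = ipaddress.ip_network(rule["value"], strict=False)
        if any(net.overlaps(r) for r in RFC1918):
            # The firewall setting is for public IPs; private ranges do not belong here.
            findings.append(f"IP rule {net} is a private range, not a public IP")
        elif not any(a.version == net.version and net.subnet_of(a) for a in allowed):
            findings.append(f"IP rule {net} is not a known on-premises egress range")
    if acls.get("virtualNetworkRules"):
        # Subnet rules on the account firewall mean service endpoints are in use.
        findings.append("service endpoint (virtual network) rules are present")
    approved = [c for c in props.get("privateEndpointConnections", [])
                if c.get("properties", {})
                    .get("privateLinkServiceConnectionState", {})
                    .get("status") == "Approved"]
    if not approved:
        findings.append("no approved private endpoint connection")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE, ["203.0.113.0/24"]):
        print("FAIL:", finding)
```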

...

Info

When you create a private endpoint, the DNS CNAME resource record for the storage account is updated to an alias in a subdomain with the prefix privatelink. By default, we also create a private DNS zone, corresponding to the privatelink subdomain, with the DNS A resource records for the private endpoints: Use private endpoints - Azure Storage | Microsoft Learn

Logging & threat detection: Defender for App Service & Diagnostic log with Azure Monitor.

...