To avoid network or permissions errors when configuring Azure workloads with Storage Accounts that allow access only from specific subnets or IP addresses—even if those IPs are whitelisted—you must ensure proper vNet whitelisting.
For more information, refer to Azure Storage Account network security documentation
Before You Begin
-
Ensure you have the necessary permissions to modify network and firewall settings on the Azure Storage Account.
-
Identify the subnets or IP addresses that require access to the storage account.
Procedure
-
Go to https://portal.azure.com and sign in with your credentials.
-
In the left navigation pane, select Storage accounts.
-
Click on the storage account you want to configure.
-
Go to the Networking tab.
-
To restrict access to only the specified virtual networks and IP addresses, under Network connectivity, select Enable public access from selected virtual networks and IP addresses.
-
In the Virtual networks section, select the appropriate Virtual network subscription.
-
From the Virtual network dropdown, select the virtual network that should have access to the storage account.
-
Specify any public IP addresses or address ranges that should have access, if needed.
-
Click Save to apply the network and firewall settings.