1

I have VNET with DMZ and multiple internal subnets configured. There is security requirement to block all the outbound internet connection for the internal subnets. Now, this VM needs to access Azure blob storage which hosted in the same region. I am wondering to access Azure Blob storage without outbound internet connection.

Pondering on questions like
1) Can I attach Azure Storage account in my azure VNET
2) Can there is existing solution, where I am access internet via JUMP-BOX network configuration, where my VM internet traffic goes via Jump box
3) Can this be achieve via Network ACLs or some better solution?

Now, this question is mix of networking and azure services, not sure of the right forum for this, server-fault or stack-overflow?

Improve this question

1 Answer 1

Reset to default
2

Azure Storage uses a public endpoint, as it's a multi-tenant service. You cannot add your Azure storage account to your VNet, since this is not an endpoint you control.

You'll need to access storage directly, via its <storagename>.blob.core.windows.net endpoint. How you ultimately accomplish that is up to you.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

This is no longer the case since VNet Service Endpoints have recently been introduced.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.