'Trusted Microsoft Services' should be enabled for Storage Account access

azure.storage
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Description

Enabling firewall rules for a storage account restricts incoming data requests, including those from other Azure services, such as using the portal or writing logs. However, by enabling Trusted Microsoft Services through exceptions, you can regain access to services like Monitor, Networking, Hubs, and Event Grid. Additionally, this exception allows for backing up and restoring virtual machines using unmanaged disks in storage accounts with network rules applied. To ensure smooth operation of these services, it is recommended to enable the exception for Trusted Microsoft Services.

Remediation

From the console

  1. Go to Storage Accounts
  2. For each storage account, click on the settings menu called Firewalls and Virtual Networks.
  3. Ensure that Allow access from selected networks is enabled.
  4. Enable Allow trusted Microsoft services to access this storage account.
  5. Click Save to apply your changes.