Private Endpoints should be used to access Storage Accounts

azure.storage_account

Description

Private endpoints for your Azure Storage accounts allow clients and services to securely access data located over a network through an encrypted Private Link. Securing traffic between services through encryption protects the data from easy interception and reading.

Remediation

  1. Identify Azure Storage accounts that do not require public access.
  2. Review the ‘Use private endpoints for Azure Storage’.
  3. Create the private endpoint by using Azure CLI or Azure Powershell