[英]Azure Functions access to Azure Storage Account Firewall
What am I trying to achieve我想达到什么目的
Connect to an Azure BLOB storage account that sits behind a firewall through an Azure Function.通过 Azure 函数连接到位于防火墙后面的 Azure BLOB 存储帐户。
Steps Taken so Far迄今为止采取的步骤
"outboundIpAddresses"
entry) and I add them in the firewall of the storage Account."outboundIpAddresses"
条目)并将它们添加到存储帐户的防火墙中。 Issue问题
While trying to run the Azure Function against the storage account with the firewall I am getting a Status: 500 Internal Server Error - This request is not authorized to perform this operation.
在尝试使用防火墙针对存储帐户运行 Azure 函数时,我收到
Status: 500 Internal Server Error - This request is not authorized to perform this operation.
What am I missing here?我在这里缺少什么?
You won't be able to achieve what you want here currently.您目前无法在这里实现您想要的。 When you hit the storage account from your funciton, because they are in the same region as each other, all the traffic goes over the internal Azure network on internal IP's, not the public IPs listed in the web app, and so is not allowed over the firewall (I have had this confirmed by Azure support).
当您从您的功能中访问存储帐户时,因为它们彼此位于同一区域,所有流量都通过内部 IP 上的内部 Azure 网络,而不是 Web 应用程序中列出的公共 IP,因此不允许通过防火墙(我已经通过 Azure 支持确认了这一点)。 Because you don't have access to the internal IPs of the function, and even if you did they can change, you can't whitelist them.
因为您无权访问该函数的内部 IP,即使您更改了它们,也无法将它们列入白名单。
If your resources were in different regions, traffic would go over the external IPs and you would have more success.如果您的资源位于不同的区域,流量将通过外部 IP,您将获得更大的成功。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.