Azure Storage Account: Firewall and virtual networks
Question
I have enabled Virtual Network and Firewall access restrictions for Azure Storage Account, but faced the issue, that I do not have an access to Storage Account from Azure Functions(ASE environment), despite fact that ASE public address is added as exception. Additionaly, I have added all environment's virtual networks just to make sure. Is there any way to check from which address functions/other services is trying to get an access to storage account? Also, I have a tick "Allow trusted Microsoft services to access this storage account ". I'm not sure what is included into "trusted Microsoft services".
In the Application Insight Functions logs, only timeout issue appears, without additional explanation.
Could you please help me to understand how to properly configure storage account access restriction?
1 answers
solution1
1 ACCPTED 2020-05-08 02:10:49
Have a look of this doc:
From your description, I think you dont give a RBAC role to your azure function to access the storage.
Do this steps:
If you need more operation. Like do something with the data. Do need to add more RBAC roles, have a look of this offcial doc to learn more about RBAC roles:
https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#all
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.