Network security configurations play a critical role in safeguarding cloud-based resources, applications, and data from various security threats.

Secure access to storage account via web app

Let’s assume we have a storage account, “educativestorage,” and a web app through which we will access the storage account. We want the access to the storage account to be secure and private, i.e., no public access to the storage account. For this purpose, we’ll have to perform the following steps:

  • Create a private endpoint for the storage account in the subnet of a virtual network.

  • Create a virtual network integration for the web app in a different subnet of the same virtual network.

  • Disable all types of public access to the storage account.

In the diagram below, the private endpoint for the storage account provides secure connectivity to services within the virtual network, and the virtual network integration provides the web app service presence in the virtual network and allows it to connect to resources in the virtual network. For checking the connectivity of the web app with the storage account, we’ll not deploy any application. Instead, we’ll use the managed identity of the web app.

Get hands-on with 1400+ tech skills courses.