We help IT Professionals succeed at work.

Restricting Storage Account Access to vNet's in Different Regions

Medium Priority
184 Views
Last Modified: 2019-07-23
In Azure I am creating a storage account, but need it to be accessible from our vNet's only.  During the Storage Account setup you can specify a vNet. The problem is we have two separate vNets in two different regions that needs access to this account. Instead of using vNet can we create a NSG for our Storage Account?
Comment
Watch Question

Rohit AnandCloud Architect
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Hey Compdigit44,

The best options is here to enable Vnet Peering between two vnets ..
It will allow those resources to talk to each other even they deployed I. Two separate vnets

Refer below article
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-peering-overview

Author

Commented:
But how can using a peered network help with the Storage Account firewall. Also from my understanding, in the Storage Account firewall, if you don't select a vnet all VM's will still be able to access the storage account because it would go over the Azure back bone is this correct?
Cloud Architect
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
That's correct but peered network gives you accessibility to talk resources from two vnet in the same/different region.
Try to check it out.. and let me know, if that works or not.