Skip to main content

Remediation

From Azure Portal

Go to Storage Accounts.
For each storage account, under Security + networking, click Networking.
Click the Firewalls and virtual networks heading.
Set Public network access to Enabled from selected virtual networks and IP addresses.
Add rules to allow traffic from specific networks and IP addresses.
Click Save.

From Azure CLI

Use the following command to update default-action to Deny:

az storage account update \
    --name {{storage-account-name}} \
    --resource-group {{resource-group-name}} \
    --default-action Deny

From Azure Portal
From Azure CLI