Skip to main content

Remediation

From Azure Console

Go to Storage Accounts.
For each storage account, under Security + networking, click Networking.
Click the Firewalls and virtual networks heading.
Set Public network access to Enabled from selected virtual networks and IP addresses.
Add rules to allow traffic from specific networks and IP addresses.
Click Save.

From Azure CLI

Use the below command to update default-action to Deny:

az storage account update --name <StorageAccountName> --resource-group <resourceGroupName> --default-action Deny

From Azure Console
From Azure CLI