Skip to main content

Remediation

From Azure Portal

First, follow Microsoft documentation and create shared access signature tokens for your blob containers. Then:

Go to Storage Accounts.
For each storage account, under the Security + networking section, click Networking.
Set Public Network Access to Disabled.
Click Save.

From Azure CLI

Set Public Network Access to Disabled on the storage account:

az storage account update \
    --name {{storage-account-name}} \
    --resource-group {{resource-group-name}} \
    --public-network-access Disabled

From PowerShell

For each Storage Account, run the following to set the PublicNetworkAccess setting to Disabled:

Set-AzStorageAccount `
    -ResourceGroupName {{resource-group-name}} `
    -Name {{storage-account-name}} `
    -PublicNetworkAccess Disabled

From Azure Portal
From Azure CLI
From PowerShell