Remediation
From Azure Portal
First, follow Microsoft documentation and create shared access signature tokens for your blob containers. Then:
- Go to
Storage Accounts. - For each storage account, under the
Security + networkingsection, clickNetworking. - Set
Public Network AccesstoDisabled. - Click
Save.
From Azure CLI
Set Public Network Access to Disabled on the storage account:
az storage account update --name <storage-account> --resource-group <resource-group> --public-network-access Disabled
From PowerShell
For each Storage Account, run the following to set the PublicNetworkAccess setting to Disabled:
Set-AzStorageAccount -ResourceGroupName <resource group name> -Name <storage account name> -PublicNetworkAccess Disabled