NSG rule for Azure Storage

Shah, Gaurang 1 Reputation point
2021-07-06T16:56:26.45+00:00

Hi Guys,

I have one virtual network with two subnets. One subnet contains VMs and the other subnet contains ADLS storage (it's connected to this subnet using a private endpoint).

I need to write an NSG rule such that all the VMs inside the virtual network can access this ADLS storage.


  1. If I use the VirtualNetwork and Storage tags for both inbound and outbound access, does that mean I can access other storage as well, which is part of other subnets? What port should I mention?
  2. If I want to mention a specific storage account, what port should I use? Or should I mention all the ports?

1 answer

  1. suvasara-MSFT 9,996 Reputation points
    2021-07-07T15:51:18.887+00:00

    @Shah, Gaurang, by design an Azure private endpoint is not exposed to the public internet. So, there is a limitation on applying an NSG above a private endpoint. But this limitation should not affect the communication between subnets in the same VNET and should work well on approved authorization.
