@Sumanth Gm Thanks for reaching out. When you enable "Enabled from selected virtual networks and IP addresses" option on the virtual networking configuration on the storage account then your storage account can only communicate with the configured virtual network and IP address that you have define. So, either your function/app service should be part of the same virtual network that you have configured on the storage account networking blade, or you can add the outbound IP addresses of your function/webapps. To find the IP address you can refer to this document and add those outbound IP addresses on the allowed IP address list for your storage account.
As azure function/webapp is not listed as the trusted service so enabling the Exception "Allow Azure services on the trusted services list to access this storage account" would not help in this scenario.
Either you need to add the outbound IP address, or the function/app service should be on the same virtual network to communicate with the storage account when you have enabled "Enabled from selected virtual networks and IP addresses".
Note: The outbound IP address of an Azure function can change depending on the hosting plan. In a Consumption or Premium plan, the outbound IP address may change due to autoscaling behaviors. If you need to control the outbound IP address, you can consider implementing a virtual network NAT gateway while running in a Premium hosting plan or by running in a Dedicated (App Service) plan. In a Dedicated plan, the set of available outbound IP addresses for a function app might change when you take any action that can change the inbound IP address or change your Dedicated (App Service) plan pricing tier
Feel free to get back to me if you have any queries or concerns.
Please 'Accept as answer' and ‘Upvote’ if it helped so that it can help others in the community looking for help on similar topics.