Can I connect to Azure Blob over a port besides 443?

Samuel Roseman 20 Reputation points
2023-04-12T17:30:25.11+00:00

It seems our Firewall is open to Azure but port 443 is not included in the opened ports. Can I connect to Azure BLOB storage over a different port? Is the port configurable? Thanks!

Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,489 questions
{count} votes

Accepted answer
  1. Sumarigo-MSFT 44,081 Reputation points Microsoft Employee
    2023-05-02T06:07:25.9733333+00:00

    @Samuel Roseman Welcome to Microsoft Q&A Forum, Thank you for posting your query here!

    Adding more information to the above response:

    Port 443 allows data transmission over an encrypted network, while Port 80 enables data transmission in plain text

    Port 443 and 80 used by container blob access and Port 445 used by file share

    This article contains security recommendations for Blob storage. Implementing these recommendations will help you fulfill your security obligations as described in our shared responsibility model. For more information on how Microsoft fulfills service provider responsibilities Security recommendations for Blob storage

    Azure security baseline for Storage: https://learn.microsoft.com/en-us/security/benchmark/azure/baselines/storage-security-baseline

    Additional information: Now, with SFTP support for Azure Blob Storage, you can enable an SFTP endpoint for Blob Storage accounts with a single click. Then you can set up local user identities for authentication to connect to your storage account with SFTP via port 22.

    This article describes SFTP support for Azure Blob Storage. To learn how to enable SFTP for your storage account, see Connect to Azure Blob Storage by using the SSH File Transfer Protocol (SFTP).

    To create or update a security rule in the specified network security group. which can be used to enable ports 80 and 443 along with inbound rules:
    ttps://learn.microsoft.com/en-us/rest/api/virtualnetwork/securityrules/createorupdate

    Objects in Blob Storage can be accessed from anywhere in the world via HTTP or HTTPS. Users or client applications can access blobs via URLs, the Azure Storage REST API, Azure PowerShell, Azure CLI, or an Azure Storage client library. The storage client libraries are available for multiple languages, including .NET, Java, Node.js, Python, PHP, and Ruby.

    For more information about Blob Storage, see Introduction to Blob Storage.

    Please let us know if you have any further queries. I’m happy to assist you further.   


    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Sreeju Nair 11,856 Reputation points
    2023-04-12T18:59:48.4833333+00:00

    You can enable SFTP endpoint to Azure Storage, so that the connection will be on port 22. Refer: https://learn.microsoft.com/en-us/azure/storage/blobs/secure-file-transfer-protocol-support-how-to?tabs=azure-portal Another option could be to use Azure Private Endpoint to connect to Storage account and use access the Private Endpoint through VPN. Refer: https://learn.microsoft.com/en-us/azure/private-link/tutorial-private-endpoint-storage-portal https://learn.microsoft.com/en-us/azure/storage/common/storage-private-endpoints Hope this helps