Hi Dev, Surya •
- The machine where Python code is running needs to be able to access the source account.
- The machine running Python code needs to be able to access the destination account.
- As long as the above conditions are met, then the account-to-account copy will work (with no other firewall and network config). Effectively it will use the IP address of the client machine to authorize the source to destination traffic. I.e., it will securely work, without you needing to tell one storage account about the other.
When you have enabled selected network and IP address on the Storage account the source machine where you are trying the copy operation should have access to both source and destination storage account.
From the source storage account side, you have to allow the destination storage virtual network and source machine's public ip in the Firewall if it is on-prem machine or if you are running the python code on any Azure VM then you need to allow that VNET/subnet where the VM is deployed.
From the destination storage account side, you have to allow the source storage virtual network and subnet and source machine's publicIP in the Firewall if it is on-prem machine or if you are running the python code on any Azure VM then you need to allow that VNET/subnet where the VM is deployed.
Kindly let us know if you still have more questions on this. I wish to engage with you offline for a closer look and provide a quick and specialized assistance, please send an email with subject line “Attn:subm” to AzCommunity[at]Microsoft[dot]com referencing this thread and the Azure subscription ID, I will follow-up with you.
Once again, apologies for any inconvenience with this issue.
Thanks for your patience and co-operation.