@BM Welcome to the Microsoft Q&A Forum. Thank you for posting your query here!
Apologies for the delayed response here!
I would also recommend posting your query in the developer community for more insights on your scenario. It would be the better medium to get better help, since the issue doesn't seem to be storage, but the CI/CD integration with it.
As I understand, you're facing challenges accessing Azure Storage accounts from a selected network, even with private endpoints, and you don't want to rely on whitelisting specific IP addresses for your Continuous Integration/Continuous Deployment (CI/CD) process. Here are some possible workarounds and suggestions to address this issue. I haven't tried or reproduced the issue in my lab.
Azure Firewall or Network Security Groups (NSGs): Instead of whitelisting specific IP addresses, consider using Azure Firewall or NSGs to control access to your storage account. You can configure these network security features to allow traffic from your CI/CD pipeline or specific subnets.
Azure Managed Service Identity (MSI): If you're running code in Azure (e.g., Azure Functions, App Service), consider using Azure Managed Service Identity (MSI) for authentication. MSI allows your resources to authenticate.
Private Endpoints for CI/CD Agents: If your CI/CD process involves agents or runners running in a specific network, you can set up private endpoints for the CI/CD agents so they can access the storage account privately.
Please let us know if you have any further queries. I’m happy to assist you further.
Please do not forget to "Accept the answer" and "up-vote" wherever the information provided helps you; this can be beneficial to other community members.
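An added example, not part of the answer above: a small check that reads a storage account's network settings and reports whether the CI/CD agents are admitted by an IP allow-list rather than by a subnet rule or an approved private endpoint. The field names are assumed to match the JSON returned by `az storage account show`; the account, subscription ID and subnet ID are constructed placeholders.

```python
import copy

# Constructed sample, trimmed to the fields the check reads.
# Field names are assumed to follow `az storage account show` output.
AGENT_SUBNET = (
    "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-cicd"
    "/providers/Microsoft.Network/virtualNetworks/vnet-cicd/subnets/agents"
)
IP_ONLY_ACCOUNT = {
    "name": "examplestorage",
    "publicNetworkAccess": "Enabled",
    "networkRuleSet": {
        "defaultAction": "Deny",
        "ipRules": [{"action": "Allow", "ipAddressOrRange": "203.0.113.10"}],
        "virtualNetworkRules": [],
    },
    "privateEndpointConnections": [],
}

def review_network_access(account, agent_subnet_id):
    """Return finding codes describing how the account admits the CI/CD agents."""
    findings = []
    rules = account.get("networkRuleSet") or {}
    public = account.get("publicNetworkAccess") != "Disabled"
    if public and rules.get("defaultAction") != "Deny":
        findings.append("default-allow")   # firewall does not restrict anything
    if public and rules.get("ipRules"):
        findings.append("ip-allowlist")    # access depends on fixed agent IPs
    allowed_subnets = {
        r["virtualNetworkResourceId"].lower()
        for r in rules.get("virtualNetworkRules") or []
        if r.get("action", "Allow") == "Allow"
    }
    approved_endpoints = [
        c for c in account.get("privateEndpointConnections") or []
        if (c.get("privateLinkServiceConnectionState") or {}).get("status") == "Approved"
    ]
    # Simplification: any approved private endpoint counts as a private path;
    # whether the agents can actually route to it is not checked here.
    if agent_subnet_id.lower() not in allowed_subnets and not approved_endpoints:
        findings.append("no-private-path")
    return findings

def with_subnet_rule(account, subnet_id):
    """Return a copy whose IP rules are replaced by a VNet rule for subnet_id."""
    fixed = copy.deepcopy(account)
    fixed["networkRuleSet"]["ipRules"] = []
    fixed["networkRuleSet"]["virtualNetworkRules"] = [
        {"action": "Allow", "virtualNetworkResourceId": subnet_id}
    ]
    return fixed
```
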