To enhance security and restrict the scope to only your OpenAI instance, consider these steps:
1. Specify Origins: Instead of using "*", explicitly specify the origins allowed in the CORS settings. For example, if your OpenAI instance is hosted at a specific domain, specify that domain as the allowed origin.
2. Token-Based Authentication: Implement token-based authentication to ensure that only authorized requests are accepted. You can include a token with your requests and validate it on the server side.
3. Use HTTPS: If possible, make sure your OpenAI instance and the storage account use HTTPS. This helps to secure data during transmission.
4. Networking Restrictions: Utilize Azure networking features, such as virtual networks and service endpoints, to restrict access to the storage account from specific networks.
5. Regularly Monitor and Audit: Regularly monitor and audit access to your storage account to detect any unauthorized activity.
6. Keep Software Updated: Ensure that all software components, including your OpenAI instance and storage account, are up-to-date with the latest security patches.
Please refer to the latest Azure and OpenAI documentation for the most accurate and up-to-date information on security best practices.
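To make the first and third points concrete, here is an added example (not part of the answer above and not Azure's own implementation) that models how a storage CORS rule answers a browser's Origin header: a "*" rule echoes a wildcard for any site, while an explicit list only matches the exact scheme, host and port. The hostname my-openai-app.example.com and the rule dictionaries are constructed for illustration.

```python
from typing import Optional
from urllib.parse import urlsplit

# Constructed example rules: the wildcard rule as found before hardening,
# and the same rule restricted to one explicit (hypothetical) origin.
WILDCARD_RULE = {"allowed_origins": ["*"], "allowed_methods": ["GET"]}
HARDENED_RULE = {
    "allowed_origins": ["https://my-openai-app.example.com"],
    "allowed_methods": ["GET"],
}


def normalize_origin(origin: str) -> Optional[str]:
    """Return 'scheme://host[:port]' in lowercase, or None if the value is
    not a bare origin (a path, query or fragment disqualifies it)."""
    parts = urlsplit(origin.strip())
    if parts.scheme not in ("http", "https") or not parts.netloc:
        return None
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        return None
    return f"{parts.scheme}://{parts.netloc.lower()}"


def allowed_origin_header(rule: dict, request_origin: str) -> Optional[str]:
    """Value a CORS rule would put in Access-Control-Allow-Origin for a
    request carrying the given Origin header, or None when the origin is
    refused. '*' admits every site; an explicit list needs an exact match,
    so a different scheme or port is rejected."""
    origin = normalize_origin(request_origin)
    if origin is None:
        return None
    allowed = rule["allowed_origins"]
    if "*" in allowed:
        return "*"
    permitted = {normalize_origin(o) for o in allowed}
    return origin if origin in permitted else None


def audit_rules(rules: list) -> list:
    """Flag rules that keep the wildcard (step 1) or allow plain-http
    origins (step 3); returns one finding string per problem."""
    findings = []
    for index, rule in enumerate(rules):
        for origin in rule["allowed_origins"]:
            if origin == "*":
                findings.append(f"rule {index}: wildcard origin lets any site read the data")
            elif origin.lower().startswith("http://"):
                findings.append(f"rule {index}: origin {origin} is not HTTPS")
    return findings
```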