Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
Can you confirm if
-
https://<YourStorageAccount>.blob.core.windows.net/demo/grafana.png
and -
https://<AFDEndPoint>/demo/grafana.png
works? - Here, in AFD, first make sure the URL works without any Rewrite, then you may proceed with creating Rewrite Rules.
I believe this error is coming directly from the Storage Account and not from AFD
- I see you have used Private EndPoint enabled. This would help you provide Network security
- However, storage account also has Authorization (either via Entra or Access keys).
- So, make sure that "demo" container is having Anonymous access level set to Container
- See : About anonymous read access
- Once done, please let me know if
https://<YourStorageAccount>.blob.core.windows.net/demo/grafana.png
andhttps://<AFDEndPoint>/demo/grafana.png
works or not?
NOTE:
- Public/private Networking access is different from authorization
- To test
https://<YourStorageAccount>.blob.core.windows.net/demo/grafana.png
, you will have to allow your Public IP in Storage Account Firewall - See : Grant access from an internet IP range
- For testing, allow every Public IP and test if you are able to access the Storage Account URL as above
Once you are able to get the Storage Account URI working, please check the same for AFD and let me know the results.
Cheers,
Kapil