![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 57.00000000000001%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDP%3C/text%3E%3C/svg%3E)
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,821 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(297.6, 81%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
Hi Devin Payne - Thanks for reaching out.
Disable the account keys access would disable the auth coming via Shared Keys , Account or Service SAS and the calls shall return a 403 during authorization.
https://learn.microsoft.com/en-us/azure/storage/common/shared-key-authorization-prevent?tabs=portal
However you mentioned that you are using MI so there appears to be some configuration which might be using access keys and hence resulting into failure.
You can start by enabling the diagnostic logging to check the auth method being passed. if you observe auth method other that OAUTH (i.e. AD) such as Shared Key or SAS this shall help in isolation.
https://learn.microsoft.com/en-us/azure/storage/blobs/monitor-blob-storage?tabs=azure-portal
Hope that helps!