Instead of using a power automate flow, replace it with a logic app and integrate that logic app with a virtual network That way your azure function can be within the same vnet and you can secure access so that the function app as well as the storage account doesn't have public access.
Power Automate and Logic app have essentially the same connectors. You can export your power automate and import as a logic app. You can reference Secure traffic between Standard workflows and virtual networks - Azure Logic Apps | Microsoft Learn on how to integrate a Logic App with a virtual network.