Need help on storage container created with Public Access Level=Private (no anonymous access)

Sudipta 1 Reputation point

Q1 : If I create a storage container with 'Public Access Level=Private (no anonymous access)', does this mean that this container can only be accessed (without access keys of the parent storage account) from private end points (e.g. Virtual machines on VNets associated with the private end point) associated with the parent storage account ?

Q2: Is there any way to access such storage container with 'Public Access Level=Private (no anonymous access)' using Azure AD User Account

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
1,824 questions
Azure Private Link
Azure Private Link
An Azure service that provides private connectivity from a virtual network to Azure platform as a service, customer-owned, or Microsoft partner services.
327 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Pratik Somaiya 4,116 Reputation points

    Hello @Sudipta

    1) If the user have right access to the Storage Account then they can see the Private Containers as well, this is not related to private endpoint configurations

    2) When the access level is private that means there is no anonymous access to the container except for the ones that have access to it via Access Control

    When a container is configured for public access, any client can read data in that container. Public access presents a potential security risk, so if your scenario does not require it, Microsoft recommends that you disallow it for the storage account

    The following table summarizes how both settings together affect public access for a container:


    1 person found this answer helpful.
    0 comments No comments