Hi, @Mohsen Abdalla
I suggest two methods.
---
Suggestion 1:
The best access management method for Azure Blob Storage is Azure AD-based management without shared keys or SAS.
Applications can be authenticated by Azure AD and obtain OAuth 2.0 tokens. You can then use that token to authorize requests to the Blob service.
There are many ways to integrate Azure AD into your application. Please check the following documentation:
https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/auth-sync-overview
---
Suggestion 2:
You can also connect the AWS VPC and the Azure VNet with a VPN, etc., and restrict access to Azure Storage to specific networks only.
https://learn.microsoft.com/en-us/azure/storage/common/storage-private-endpoints
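
---
The token flow from Suggestion 1, shown as an added example that is not part of the original answer: an application gets an OAuth 2.0 token from Azure AD using the client-credentials grant, then sends it as a bearer token on a Blob REST request, with no account key or SAS in the URL. It assumes an app registration with a client secret and a data-plane role such as Storage Blob Data Reader on the account. The function names and environment variable names are hypothetical.

```python
import json
import os
import urllib.parse
import urllib.request
from email.utils import formatdate

STORAGE_SCOPE = "https://storage.azure.com/.default"  # Azure Storage resource scope
MIN_OAUTH_API_VERSION = "2017-11-09"  # minimum x-ms-version for OAuth-authorized requests


def build_token_request(tenant_id, client_id, client_secret):
    """OAuth 2.0 client-credentials request against the tenant's token endpoint."""
    url = f"https://login.microsoftonline.com/{urllib.parse.quote(tenant_id)}/oauth2/v2.0/token"
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": STORAGE_SCOPE,
    }).encode()
    return urllib.request.Request(url, data=body, method="POST")


def build_blob_get(account, container, blob_name, access_token):
    """Get Blob request authorized only by the bearer token (no account key, no SAS)."""
    path = f"{urllib.parse.quote(container)}/{urllib.parse.quote(blob_name)}"
    url = f"https://{account}.blob.core.windows.net/{path}"
    return urllib.request.Request(url, method="GET", headers={
        "Authorization": f"Bearer {access_token}",
        "x-ms-version": MIN_OAUTH_API_VERSION,
        "x-ms-date": formatdate(usegmt=True),
    })


def fetch_blob(tenant_id, client_id, client_secret, account, container, blob_name):
    """Run both steps against the live services and return the blob bytes."""
    with urllib.request.urlopen(build_token_request(tenant_id, client_id, client_secret)) as r:
        token = json.load(r)["access_token"]
    with urllib.request.urlopen(build_blob_get(account, container, blob_name, token)) as r:
        return r.read()


if __name__ == "__main__":
    # Hypothetical environment variable names; values come from your own tenant.
    e = os.environ
    data = fetch_blob(e["AZ_TENANT_ID"], e["AZ_CLIENT_ID"], e["AZ_CLIENT_SECRET"],
                      e["AZ_ACCOUNT"], e["AZ_CONTAINER"], e["AZ_BLOB"])
    print(len(data), "bytes")
```

Once every client uses this path, shared-key authorization can be disabled on the storage account so that only Azure AD tokens are accepted.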