The microsoft guidance on securely providing access to a BLOB storage is using a shared access signature with a stored access policy. But this method connects over public internet.
I am looking for definitive guidance on setting up a site-to-site VPN from an on-prem environment so any data/file transfer between an on-prem machine/application, happens over the VPN tunnel and not over the public internet. I need the connection to be able to retrieve and add files into the BLOB from the on-prem environment.
any help is appreciated