Logic App Standard - Get blob from Storage Account with Private Endpoint

Copper Contributor



We have a Logic App Standard. It is configured to use Virtual Networking.

In Workflows, we need to be able to get blobs from Storage Account. We need to be able to connect privately, and authenticating using Managed identity.

Storage Account has public networking disabled.



When using "Get blob content (V2) in Logic App, it seems like the traffic goes through some Azure-managed site "azureblob-ne.azconn-ne-003.p.azurewebsites.net".


So instead of "Logic App" > "Storage Account", the traffic flow seems to be;
"Logic App" > "Azure Connector(azureblob-ne.azconn-ne-003.p.azurewebsites.net)" -> "Storage Account."


Hence whitelisting the subnet where Logic App does not help, as the traffic to the Storage account comes from the Azure Connector, which is some managed service. 


Is that correct?

Or should it be possible to use "Get blob content (V2)" privately within the VNET?





0 Replies