User Profile
AB_MN
Copper Contributor
Joined 2 years ago
User Widgets
Recent Discussions
Azure Storage RBAC
Is there a built-in Azure role(s) that will accomplish the following: - Create any Azure resource - Apply permissions to any Azure resource - Not have read access to resources unless explicitly granted Specifically, I am referring to a file share in a storage account. I would like to have a security "role" be able to do all of the above, but don't want them to be able to access the data in a file share unless they are explicitly granted permissions. There is a file share that would contain confidential documents that they security "role" should not be ableto access, and yes I know that the "role" could easily just give themselves access to that share if they really wanted to. Thanks for the help.1.1KViews0likes1CommentAzure storage account RBAC
Is there a built-in Azure role(s) that will accomplish the following: - Create any Azure resource - Apply permissions to any Azure resource - Not have read access to resources unless explicitly granted Specifically, I am referring to a file share in a storage account. I would like to have a security "role" be able to do all of the above, but don't want them to be able to access the data in a file share unless they are explicitly granted permissions. There is a file share that would contain confidential documents that they security "role" should not be ableto access, and yes I know that the "role" could easily just give themselves access to that share if they really wanted to. Thanks for the help.1.1KViews0likes1CommentFile Share with private endpoint
I am trying to mount a file share, using a private endpoint, on my local machine and am getting"Access Denied" errors. I am also unable to access it via the Portal when I have the firewall set to block public access. All of the infrastructure is in Azure, there is no on-prem. Here is a summary of the architecture Single VNet with only the default and VNet gateway subnets. Single storage account with 1 file share in the default subnet which has a private endpoint set up. VNet gateway which is configured for P2S connections. VPN is installed on my local machine and I am able to connect to the VNet. If I allow public access to the storage account, I can mount the file share just fine. If I block public access, I cannot mount it and am getting the error about port 445. I thought if I was using a VPN connection that I did not need to worry about the port 445 issue. However, it also seems odd that I cannot even browse the file share within the portal. Any help on this is appreciated.4.1KViews0likes3Comments
Groups
Recent Blog Articles
No content to show