Microsoft Azure Storage Account - Restrict Access to 131.107.0.0/16 Subnet


Question

SIMULATION -

You need to ensure that only devices connected to a 131.107.0.0/16 subnet can access data in the rg1lod10598168 Azure Storage account.

To complete this task, sign in to the Azure portal.

Explanations

See the explanation below.

Step 1:

1. In the Azure portal, go to the storage account you want to secure. Here: rg1lod10598168

2. Click on the settings menu called Firewalls and virtual networks.

3. To deny access by default, choose to allow access from Selected networks. To allow traffic from all networks, choose to allow access from All networks.

4. Click Save to apply your changes.

Step 2:

1. Go to the storage account you want to secure. Here: rg1lod10598168

2. Click on the settings menu called Firewalls and virtual networks.

3. Check that you've selected to allow access from Selected networks.

4. To grant access to a virtual network with a new network rule, under Virtual networks, click Add existing virtual network, select Virtual networks and Subnets options. Enter the 131.107.0.0/16 subnet and then click Add.

Note: When network rules are configured, only applications requesting data over the specified set of networks can access a storage account. You can limit access to your storage account to requests originating from specified IP addresses, IP ranges or from a list of subnets in an Azure Virtual Network (VNet).

https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security
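
To confirm the result of the steps above, the account's network rule set can be checked offline. The following is an added example, not part of the original explanation: it assumes the rule set has been exported as JSON in the shape returned by `az storage account show --query networkRuleSet`, and the two sample documents and the subnet resource ID are constructed for illustration.

```python
import ipaddress

ALLOWED = ipaddress.ip_network("131.107.0.0/16")  # range named in the task

def audit_network_rules(rule_set, allowed=ALLOWED):
    """Return (violations, vnet_subnets). No violations means the IP firewall
    denies by default and admits nothing outside `allowed`."""
    violations = []
    # "Selected networks" in the portal is stored as defaultAction "Deny".
    if rule_set.get("defaultAction") != "Deny":
        violations.append("defaultAction is not Deny: every network is allowed")
    for rule in rule_set.get("ipRules") or []:
        value = rule.get("ipAddressOrRange", "")
        try:
            net = ipaddress.ip_network(value, strict=False)
        except ValueError:
            violations.append(f"unparseable IP rule {value!r}")
            continue
        if net.version != allowed.version or not net.subnet_of(allowed):
            violations.append(f"IP rule {net} reaches outside {allowed}")
    # A VNet rule names a subnet by resource ID, not by prefix, so its address
    # range has to be checked on the subnet itself; list these for review.
    vnet_subnets = [r.get("virtualNetworkResourceId", "")
                    for r in rule_set.get("virtualNetworkRules") or []]
    return violations, vnet_subnets

# Constructed sample rule sets (not output from a real account).
LOCKED_DOWN = {
    "defaultAction": "Deny",
    "ipRules": [{"action": "Allow", "ipAddressOrRange": "131.107.0.0/16"}],
    "virtualNetworkRules": [],
}
TOO_OPEN = {
    "defaultAction": "Allow",
    "ipRules": [{"action": "Allow", "ipAddressOrRange": "131.107.0.0/16"},
                {"action": "Allow", "ipAddressOrRange": "203.0.113.0/24"}],
    "virtualNetworkRules": [{"action": "Allow", "virtualNetworkResourceId":
        "/subscriptions/<subscription-id>/resourceGroups/<rg>/providers/"
        "Microsoft.Network/virtualNetworks/<vnet>/subnets/<subnet>"}],
}

if __name__ == "__main__":
    for name, doc in (("LOCKED_DOWN", LOCKED_DOWN), ("TOO_OPEN", TOO_OPEN)):
        violations, subnets = audit_network_rules(doc)
        print(name, "OK" if not violations else violations, subnets)
```
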


Here are the step-by-step instructions to ensure that only devices connected to a 131.107.0.0/16 subnet can access data in the rg1lod10598168 Azure Storage account:

  1. Sign in to the Azure portal using your credentials.

  2. Navigate to the "Azure Storage account" (i.e. rg1lod10598168) that you want to configure access for.

  3. Click on the "Firewalls and virtual networks" option in the left-hand menu.

  4. Under the "Firewalls and virtual networks" section, you will see three options:

  • "Allow access from": This option allows you to specify the IP addresses or IP address ranges that are allowed to access the storage account. Since we want to restrict access to only devices connected to the 131.107.0.0/16 subnet, we will use this option.

  • "Selected networks": This option allows you to select one or more virtual networks that can access the storage account. Since we want to restrict access based on IP address ranges, we will not use this option.

  • "Public endpoint": This option allows you to enable or disable access to the storage account via a public endpoint. Since we want to restrict access to only devices connected to the 131.107.0.0/16 subnet, we will disable this option.

  5. Under the "Allow access from" section, select the "Selected networks" radio button.

  6. In the "Add network rule" dialog box, enter the following details:

  • Name: A descriptive name for the network rule (e.g. "Subnet 131.107.0.0/16").

  • Virtual network: Select the virtual network that contains the subnet you want to allow access from.

  • Subnet: Enter the IP address range for the subnet you want to allow access from (i.e. 131.107.0.0/16).

  • Service endpoints: Leave this option as "None" unless you have specific service endpoints that you want to enable for this subnet.

  7. Click the "Add" button to add the network rule.

  8. Repeat steps 5-7 for any additional subnets that you want to allow access from.

  9. Click the "Save" button to save your changes.

That's it! By following these steps, you have successfully restricted access to your Azure Storage account to only devices connected to the 131.107.0.0/16 subnet.