Hey everyone,
I'm using Azure and trying to set up the right security for our storage accounts.
I turned on Azure Storage firewalls and virtual network rules, but I'm still not sure how to best control who can access what for different apps and users.
I'm most worried about lowering the chance of accidental public access while still letting real services connect.
Has anyone had trouble setting up Azure Storage accounts in a safe way?
What are the best ways to make sure that least-privilege access doesn't break service connectivity?
How does this relate to Metabase?
I think you may have posted to the wrong board.
I'm asking this because some apps that work with Metabase need our Azure Storage.
I want to protect storage with the least amount of access possible without breaking service connections. Do you have any ideas?
Not sure we have people here with the experience you’re looking for.
There’s tons and tons of docs and best practices on how to secure Azure storage. It’s a very old problem. Google or your favorite AI agent should be able to help you with this.
Set up a test environment you can use to validate any permission changes don’t impact your apps.