Our software uses Azure.Core, Azure.Storage.Blobs and Azure.Storage.Common to interact with Azure Blob Storage Accounts held in North Europe (i.e. Ireland)
We store files in various containers in such Storage Accounts
Some of our clients have very strict policies regarding access to "the internet" and we are asked to provide some information about this, and I have to admit I'm not sure.
I can do something like ping someblobaccounthere.blob.core.windows.net and that will give me an IP address, but will it always be the same IP address? How do Azure.Storage.Blobs and associated DLLs interact with such an account?
Are the requests made through HTTPS or are these DLLs interacting through other protocols, do I need to tell them to open certain ports or will default ports such as 443 and (80 for http) work? Will this play nice with proxies?
I did have a bit of a google around but my Google Fu is failing me and I'm not finding clear answers.
Our apps are built for .NET Framework 4.8 - in case that is significant.
CodePudding user response:
You can view/download the ip ranges from this link:
This file contains the IP address ranges for Public Azure as a whole, each Azure region within Public, and ranges for several Azure Services (Service Tags) such as Storage, SQL and AzureTrafficManager in Public. This file currently includes only IPv4 address ranges but a schema extension in the near future will enable us to support IPv6 address ranges as well. Service Tags are each expressed as one set of cloud-wide ranges and broken out by region within that cloud. This file is updated weekly. New ranges appearing in the file will not be used in Azure for at least one week. Please download the new json file every week and perform the necessary changes at your site to correctly identify services running in Azure.
IMHO Azure storage should be configured to use https only so the https port should be open.