Include Azure SQL as a "trusted Micorsoft service to access the Storage Account"
We're restricting access to our Storage Accounts by configuring the Firewall & Virtual networks.
However, one of these storage accounts must also be accessible to our Azure SQL db's. This is currently not supported.
Rather than securing the Storage Account, it has been proposed to restrict access from the Azure SQL side, BUT, that configuration currently only works if some other features (external tables) aren't used. We've now come full circle :)
Ideally, we'd like to see that we can secure the Storage Account - and include Azure SQL as a trusted service.
Bart Michel commented
perhaps, MS can make a subcategory which MS service you want to give access to the SA, this flag gets bigger and bigger if services are keeping added to this.
Since the Storage Account is access publicly and it's mandatory to start the firewall on it based on the recommendation Advisor. All Backup for SQL having Storage account as endpoint will not work if there are located to the Same region. So it's really needed to allow this in the new updates to solve this issue without applying the change region work around.
Has there been any update on this?