Enable NSG Flow Logs for secured Storage Accounts
At the moment, it's apparently not possible to use NSG Flow Logs with secured Storage Accounts, even if the exception "Allow trusted Microsoft services to access this storage account" is enabled on the Storage Account.
It would be really helpful if you could add the Network Watcher this list of trusted Microsoft servies, so we can use secured Storage Accounts to store our NSG Flow Logs on.
NSG Flow Logs are now compatible with Secured/Firewalled storage accounts.
With this update, Service Endpoints for Microsoft storage are also supported for NSG Flow Logs.
For details on enabling this, please see the FAQ: https://docs.microsoft.com/azure/network-watcher/frequently-asked-questions#how-do-i-use-nsg-flow-logs-on-a-storage-account-with-a-firewall-or-through-a-service-endpoints
Any update on when this will be available?
Aidan Finn commented
I hit this today. One security solution blocks another.
I was under the impression this was due to complete in November 2018 and then Q1 2019. Any update?
Alex Creech commented
Any idea when?