Ensure default network access rule for Storage Accounts is set to deny
1. Go to Storage Accounts
2. For each storage account, Click on the settings menu called Firewalls and virtual networks.
3. Ensure that you have elected to allow access from Selected networks.
4. Add rules to allow traffic from specific network.
5. Click Save to apply your changes.
Azure Command Line Interface 2.0 Use the below command to update default-action to Deny.
About Azure storage accounts
Azure Storage Account
An Azure storage account provides a unique namespace to store and access your Azure Storage data objects. All objects in a storage account are billed together as a group. By default, the data in your account is available only to you, the account owner.