Before configuring Air Gap Protect storage on Azure Blob Storage, add the required endpoints to your Air Gap Protect MediaAgent's allowlist.
Replacing * in *.blob.core.windows.net
After you configure your Air Gap Protect storage on Azure Blob Storage, you can replace * in *.blob.core.windows.net with the specific storage account name. For example, in the following image, the name of the storage account is AGP-Bahrain:
Global Azure
-
*.blob.core.windows.net: All endpoints that containblob.core.windows.net -
https://login.microsoftonline.com
Azure Government
-
*.blob.core.usgovcloudapi.net: All endpoints that contain.blob.core.usgovcloudapi.net -
https://login.microsoftonline.us
Azure IP ranges and service tags
For a downloadable list of IP addresses required by the following, see Azure IP Ranges and Service Tags – Public Cloud:
-
blob.core.windows.net -
login.microsoftonline.com -
blob.core.usgovcloudapi.net -
login.microsoftonline.us
In the name: "Storage.[region]" value—such as "name": "Storage.AustraliaCentral"—[region] is the region of the Air Gap Protect storage.
Azure ExpressRoute and Azure Private Link
Azure ExpressRoute is supported with no additional configuration.
Azure Private Link is supported with additional configuration.