Hi, Welcome to MS Q&A
To disable access key for a storage account attached through a deployment script, you can modify the allowSharedKeyAccess
property in the Azure Resource Manager template or Bicep file to false
. Here is an example of how to modify the property in a template file:
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2021-04-01",
"name": "[variables('storageAccountName')]",
"location": "[parameters('location')]",
"sku": {
"name": "[parameters('skuName')]",
"tier": "[parameters('skuTier')]"
},
"kind": "[parameters('kind')]",
"properties": {
"accessTier": "[parameters('accessTier')]",
"allowBlobPublicAccess": "[parameters('allowBlobPublicAccess')]",
"minimumTlsVersion": "[parameters('minimumTlsVersion')]",
"supportsHttpsTrafficOnly": "[parameters('supportsHttpsTrafficOnly')]",
"encryption": {
"services": {
"blob": {
"enabled": "[parameters('enableEncryption')]"
}
},
"keySource": "[parameters('encryptionKeySource')]"
},
"networkAcls": {
"defaultAction": "[parameters('defaultAction')]",
"virtualNetworkRules": "[parameters('virtualNetworkRules')]",
"ipRules": "[parameters('ipRules')]"
},
"allowSharedKeyAccess": false
},
"dependsOn": []
}
]
After you modify the template file, you can redeploy it to update the storage account. Note that you should include the other properties for your account and child resources when redeploying with this property. Do not deploy this template as is or it will reset all of your account properties.
References:
Please let us know , if further questions
Kindly accept answer if it works for you
Thanks
Deepanshu