In the storage account creation process, there are three connectivity methods: Public for all networks, Public for specified networks or Private endpoint. Storage account should be configured as Public for all networks only if necessary. If possible, it's recommended to limit access to the storage account by adjusting firewall rules and creating private endpoint to connect the storage account using private link. It was found that {AzureStorageAccount} storage account doesn't use private endpoint and firewall rules.