
Access storage account using private IP when using private endpoint


I followed instructions as per https://learn.microsoft.com/en-us/azure/private-link/create-private-endpoint-storage-portal

Weirdly the blob GET requests only seem to work when using FQDN and not the direct private IP.

The private IP assigned to mystorageaccount.blob.core.windows.net is 10.0.0.5

GET requests to https://mystorageaccount.blob.core.windows.net/samplecontainer/1.png and https://mystorageaccount.privatelink.blob.core.windows.net/samplecontainer/1.png both work without issues and both get mapped to remote address 10.0.0.5:443

However, a GET request to https://10.0.0.5/samplecontainer/1.png gives a 400 - Bad Request - Invalid Hostname error.


Solution

  • As far as I know, even if you access the Storage account without a private endpoint to download the blob, you also cannot use the IP address. Azure needs to resolve the blob endpoint via the domain name.

    For the private endpoint for the storage account, the private link is also set by Azure. And the private IP address just provides a tunnel to connect to the storage from the VNet. So you can access the storage blob via the domain name of the storage blob or the private link, but not via the private IP address.
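The behaviour described in the answer can be reproduced with a small local model, added here as an example that is not part of the original post or Azure's code. It assumes the front end picks the storage account from the Host header; plain HTTP on 127.0.0.1 stands in for TLS on 10.0.0.5, and the tenant table and function names are constructed.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Constructed tenant table: one listener (one IP) fronts many accounts.
ACCOUNTS = {
    "mystorageaccount.blob.core.windows.net": "mystorageaccount",
    "mystorageaccount.privatelink.blob.core.windows.net": "mystorageaccount",
}

class FrontEnd(BaseHTTPRequestHandler):
    def do_GET(self):
        # The account is chosen from the Host header, never from the IP dialled.
        host = (self.headers.get("Host") or "").split(":")[0].lower()
        account = ACCOUNTS.get(host)
        status, body = (200, f"{account}{self.path}") if account else (400, "Invalid Hostname")
        data = body.encode()
        self.send_response(status)
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def log_message(self, *args):  # keep the demo quiet
        pass

def fetch(port, host_header, path="/samplecontainer/1.png"):
    """Always dial 127.0.0.1 (stand-in for 10.0.0.5); vary only the Host header."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    try:
        conn.request("GET", path, headers={"Host": host_header})
        resp = conn.getresponse()
        return resp.status, resp.read().decode()
    finally:
        conn.close()

def demo():
    server = ThreadingHTTPServer(("127.0.0.1", 0), FrontEnd)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    port = server.server_address[1]
    try:
        return {h: fetch(port, h) for h in (*ACCOUNTS, "10.0.0.5")}
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    for host, result in demo().items():
        print(host, "->", result)
```

All three requests reach the same socket; only the one whose Host header is the bare IP is rejected. To pin a real client to the private endpoint while keeping the name, point DNS (or curl's `--resolve` option) at 10.0.0.5 instead of putting the IP in the URL.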