I have configured my Storage Account to allow access from a subnet. I created a Virtual machine inside the subnet. I then generated a valid SAS url from my Storage Account for that blob. I used PS Remoting from Azure Cloud Shell to login to the Virtual Machine. In that powershell session, I typed in the following command: curl . I got a 403 Forbidden error.
Note that the endpoint status for the subnet is showing as enabled. When I reviewed the subnet service endpoint, Storage is enabled. The subnet is configured with a network security group with the defaults. The only addition was allowing access for the PS Remoting port.
Why else am I missing to access the blob from the Virtual Machine?