Menu
I have created Blob container and associated a CDN and everything is okay. I want to achieve following.
If I make the container private, even CDN is not able to access the content. If I make container public, content is available for direct access as well.
In AWS world its quite possible with access policy.
414
To allow or disallow public access for a storage account in the Azure portal, follow these steps: Navigate to your storage account in the Azure portal. Locate the Configuration setting under Settings. Set Blob public access to Enabled or Disabled.
In this quickstart, you enable Azure Content Delivery Network (CDN) to cache content from Azure Storage. Azure CDN offers developers a global solution for delivering high-bandwidth content.
A container organizes a set of blobs, similar to a directory in a file system. A storage account can include an unlimited number of containers, and a container can store an unlimited number of blobs.
This is possible with a private container and a SAS url. When a customer requests the CDN url with the sas key, the CDN will request the asset from blob using the SAS url if it is not already cached.
If you wish to keep the SAS token hidden from the end customer completely, you can use a Verizon Premium profile and use a URL rewrite rule to add the SAS token from the CDN side.
Additional information on SAS: https://docs.microsoft.com/en-us/azure/storage/storage-dotnet-shared-access-signature-part-1#what-is-a-shared-access-signature
Additional information on CDN rewrite: https://docs.microsoft.com/en-us/azure/cdn/cdn-rules-engine-reference-features#url-rewrite
163
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
