¿Is it possible to restrict access to an Azure blob container to a specific domain?

Question

¿Is it possible to restrict access to an Azure blob container to a specific domain?

David 0

I need to restrict read access to an Azure blob container so that it is only accessible from a specific domain.

Anand Prakash Yadav 7,855 Reputation points Microsoft External Staff

2024-01-16T11:59:04.7633333+00:00

@David, just checking in to see if the below-answer helped. If this answers your query, do click "Accept the answer” for the same, which might be beneficial to other community members reading this thread.
Anand Prakash Yadav 7,855 Reputation points Microsoft External Staff

2024-01-16T11:59:28.77+00:00

And, if you have any further query do let us know.
Anand Prakash Yadav 7,855 Reputation points Microsoft External Staff

2024-01-18T11:42:18.9633333+00:00

@David, just checking in to see if the below-answer helped. If this answers your query, do click "Accept the answer” for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.

1 answer

Your answer

Anand Prakash Yadav 7,855 Reputation points Microsoft External Staff

2024-01-16T11:59:04.7633333+00:00

@David, just checking in to see if the below-answer helped. If this answers your query, do click "Accept the answer” for the same, which might be beneficial to other community members reading this thread.
Anand Prakash Yadav 7,855 Reputation points Microsoft External Staff

2024-01-16T11:59:28.77+00:00

And, if you have any further query do let us know.
Anand Prakash Yadav 7,855 Reputation points Microsoft External Staff

2024-01-18T11:42:18.9633333+00:00

@David, just checking in to see if the below-answer helped. If this answers your query, do click "Accept the answer” for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.

Answer 1

Hi @David , I understand that you need to make sure that users access Azure Blob Container using a custom domain (eg. www.mycustomdomain.com).

Azure Storage supports custom domain names, but doesn't support HTTPS when using a custom domain. Front Door is the best approach to use a custom domain name with a storage account.

If your Azure Blob Container allows anonymous access, please use Azure Front Door Premium with Private Link: Azure Front Door Premium (configured with Private Link) -> Private Endpoint of Azure Blob Container (anonymous access enabled, public access disabled)

Otherwise, you could use a shared access signature to secure requests to the storage account, and either have the client include the signature on all of their requests, or use the Front Door rules engine to attach it from Front Door. However, this configuration does not prevent users from accessing Azure Blob Container using public endpoint (storageaccountname.blob.storage.azure.net).

Azure Front Door Standard -> Azure Blob Container (public access enabled)

More information: Use Azure Front Door with Azure Storage blobs.

Please accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer. Here is how.

Share via

¿Is it possible to restrict access to an Azure blob container to a specific domain?

1 answer

Your answer