Microsoft Azure Insights: Web Application Firewall; CLI; Stack Hub; Output formats; API Management

User Review
0 (0 votes)

Microsoft Azure pros share their latest thoughts on secure storage account static sites with a Web Application Firewall, CLI, Stack Hub, output formats and using API Management.

Using a Web Application Firewall to secure a storage account static website

Aidan Finn explored how to use Azure Application Gateway to do content redirection for a storage account static website securely. For a recent website project, he needed cost-effectiveness, security, and the ability to receive content from Azure VMs directly. Storage accounts are resilient and set up with a static site. With a firewall in operation, only traffic coming from  the VM subnet, Web Application Firewall subnet or Azure Application Gateway is allowed through.

According to Finn, there are two potential approaches. In one, the WAF subnet is paired with a Microsoft.Storage service endpoint, thus routing all traffic through Azure’s private backbone to the storage account. This offers a combination of high security and low latency. Alternatively, users can swap in a private endpoint in the same VNet as the WAF. Users would need to change the WAF backend pool private IP address configuration. The second option has some advantages, but Finn also identifies some limitations. 

Winget for Azure CLI installation on Windows

FREE Membership Required to View Full Content:

Become a MemberLogin

Joining gives you free, unlimited access to news, analysis, white papers, case studies, product brochures, and more. You can also receive periodic email newsletters with the latest relevant articles and content updates. 
Learn more about us here