[英]Azure CDN with storage account private endpoint
We have VAPT findings to add a storage account to private endpoint.我们有 VAPT 调查结果,可将存储帐户添加到专用终结点。
Storage account is used by Azure CDN as origin. Azure CDN 使用存储帐户作为来源。
After adding endpoint the Azure CDN cannot access and gives error with an XML page.添加端点后,Azure CDN 无法访问并给出 XML 页面错误。
How to access storage account with private endpoint from Azure CDN?如何从 Azure CDN 访问具有专用端点的存储帐户?
You need to give access over the firewall.您需要通过防火墙授予访问权限。 For Microsoft CDN (classic) that would be the following range
147.243.0.0/16
as found in the Microsoft documentation .对于 Microsoft CDN(经典),它将是Microsoft 文档中找到的以下范围
147.243.0.0/16
。
if you've placed your storage account in a private link then i imagine you probably want to protect its content from unwanted access.如果您已将存储帐户放在私人链接中,那么我想您可能希望保护其内容免受不必要的访问。
i think @travisez13's solution would allow anything running in azure to access the storage account directly, assuming they could guess the names.我认为@travisez13 的解决方案将允许在 azure 中运行的任何东西直接访问存储帐户,假设他们可以猜到名称。
i think you may want to try this approach instead: https://docs.microsoft.com/en-us/azure/cdn/cdn-sas-storage-support我认为您可能想尝试这种方法: https://docs.microsoft.com/en-us/azure/cdn/cdn-sas-storage-support
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.