3

I have an Azure storage account with a blob endpoint of: 'blobstorageaccountname.blob.core.windows.net'. I want to choose a static IP Address, because some of my more zealous customers want to only allocate a known set of IP addresses through their firewall. I have already provided them with the list of Azure IP ranges for my Azure region, but they don't want to allocate such broad ranges.

Also: 1

In Azure portal | Storage | Networking | Custom domain: it says "Configure a custom domain for accessing blob data in your Azure storage account, like www.contoso.com".

If that is possible could I allocate the custom domain a static IP address?

Is it really only blob specific, what about queue endpoints? I could configure my DNS with each endpoint having a new CNAME entry.

Also: 2

Azure portal | Add new resource "Public IP Address", allows me to add a public statis IP address for a virtual network gateway (VNG?). I know it's possible to apply a static IP to a VM. How does one create or configure a VNG? or Azure VNet? to apply a static IP to a Storage endpoint?

I read these, but they were not helpful: https://social.msdn.microsoft.com/forums/en-US/b7dbea96-5349-45c6-8774-f8c766d08e31/help-assign-static-ip-to-a-blob-storage-account?forum=windowsazuredata Virtual Public IP address

Also posted on the Azure Docs Questions forum

OzBob
  • 4,227
  • 1
  • 39
  • 48
  • how to docs on new Virtual Network Gateway and vNet are found via Google on Technet. Static IP, with a quick Google i found a company that supports that. I don't work nor get paid by that company, but just showing you that these questions have widely been answered. – jack_skellington Jun 01 '22 at 09:44

1 Answers1

2

As of 2022, Azure Storage service does not support public IPs, but Azure API management does.

Configuring APIm service with a public static IP, then create a 'pass through' endpoint for each storage type.

Each client's app.config needs "AzureWebJobsStorage" updated to send requests through an API Management route for each endpoint type. I am currently using a generic connection not specifying the endpoints, so each client will need updating to use the 'explicit storage endpoint connection string

Alternative to APIm: investigate dotnet YARP as a reverse proxy hosted on an Azure WebApp and manage re-routing that way.

OzBob
  • 4,227
  • 1
  • 39
  • 48
  • I wish this answer had a bit more detail for someone getting acquainted with these Azure features like myself. For example, walk-through would be great! – StinkySocks Aug 13 '23 at 02:42