You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/frontdoor/scenario-upload-storage-blobs.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -14,19 +14,19 @@ ms.reviewer: hmb
14
14
15
15
Uploading files to Azure Storage through Azure Front Door brings certain advantages, including higher resiliency, scalability and extra security, such as scanning of uploaded content with WAF and using custom TLS certificate for storage accounts.
16
16
17
-
In this reference architecture, you deploy multiple storage accounts and Front Door profile with a multiple origins. By using multiple storage accounts for uploaded content, you improve performance, reliability and able to achieve load distribution/sharding by having different clients use storage accounts in different orders.
17
+
In this reference architecture, you deploy multiple storage accounts and Front Door profile with multiple origins. By using multiple storage accounts for uploaded content, you improve performance, reliability and able to achieve load distribution/sharding by having different clients use storage accounts in different orders.
18
18
19
19
## Architecture
20
20
21
-
21
+
22
22
23
23
In this reference architecture, you deploy multiple storage accounts and Azure Front Door profile with multiple origins. You deploy as well Azure App Service to host API, and Azure Service Bus queue.
24
24
25
25
## Dataflow
26
26
27
27
Data flows through the scenario as follows:
28
28
29
-
1. The client app calls a web-based API and retrieve a list of multiple upload locations. For each file that the client uploads, the API generates a list of possible upload locations, with one in each of the existing storage accounts. Each URL contains a Shared Access Signature, ensuring that the URL can only be used to upload to the designated blob URL.
29
+
1. The client app calls a web-based API and retrieves a list of multiple upload locations. For each file that the client uploads, the API generates a list of possible upload locations, with one in each of the existing storage accounts. Each URL contains a Shared Access Signature, ensuring that the URL can only be used to upload to the designated blob URL.
30
30
2. The client app attempts to upload a blob using first URL from the list returned by API. The client establishes a secure connection to Azure Front Door by using a custom domain name and custom TLS certificate.
31
31
3. The Front Door web application firewall (WAF) scans the request. If the WAF determines the request's risk level is too high, it blocks the request and Front Door returns an HTTP 403 error response. Otherwise the request is routed to the desired storage account.
32
32
4. File is uploaded into Azure Storage account. If this request fails, the client app will have to try to upload to an alternative storage account using next URL from the list returned by API.
@@ -60,15 +60,15 @@ Azure Front Door configuration includes the following steps:
60
60
61
61
In the *origin configuration*, you need to specify the origin type as a blob storage account and select the appropriate storage account available within your subscription.
When configuring the *Origin group route*, you have to specify a path that will be processed for this origin group and make sure to select the newly created origin group and specify the path to the container inside the storage account.
Finally, you need to create a new Rule set configuration. It is important to configure *Preserve unmatched path* setting which allows to append the remaining path after the source pattern to the new path.
70
70
71
-
71
+
0 commit comments