Azure Block Blob Storage

This article explains how to set up customer origin groups for use with Azure block blob storage. Customer origin groups and support for Azure block blob storage are new capabilities. If your account has not been updated to use these capabilities, please refer to the External Servers (Customer Origin) article for information on how to set up a customer origin.

Serve content stored from an Azure block blob container via the CDN by performing the following steps:

  1. Optional. Prepare for HTTPS delivery by setting up a TLS certificate.

    • Certificate Provisioning System

      Use our Certificate Provisioning System to self-service a TLS certificate.

      Learn more.

    • Legacy HTTPS

      Request a TLS certificate from your CDN account manager.

      Learn more.

  2. Create a customer origin group that either generates a new Azure block blob container or points to an existing one.

    A customer origin group maps your origin (e.g., Azure block blob) to a CDN URL through which your content may be served. A CDN URL consists of a system-defined base URL followed by the relative path to your content.

  3. Optional. Create an edge CNAME configuration.

    Use an edge CNAME configuration to serve traffic via the CDN without having to update your links. This type of configuration maps a customer origin group to a CNAME recordA Canonical Name (CNAME) record is used to indicate that a hostname is an alias of another hostname. A CNAME record must be registered on a Domain Name System (DNS). This term should not be confused with edge CNAME..

  4. Upload the desired content to your Azure block blob container.

Key information:

Creating a Customer Origin Group

This section provides step-by-step instructions on how to create a customer origin group.

Key information:

To create a customer origin group for a new Azure block blob container

  1. Navigate to the Origins page corresponding to the desired platform. ClosedHow?From the main menu, navigate to [HTTP Large, HTTP Small, or ADN] | Origins.
  2. Click Create.
  3. Click Azure Blob. By default, the Create Account tab will be selected.
  4. In the Name option, specify a name that consists of 3 to 15 lowercase letters and numbers. This name will be assigned to the customer origin group and to the Azure block blob container being created.

    This name will be incorporated into the CDN URL (e.g., http://wpc.0001.omegacdn.net/800001/Customer Origin Group).

  5. In the Location option, select the location closest to the majority of your users.
  6. Click Save.

To create a customer origin group for an existing Azure block blob container

  1. Navigate to the Origins page corresponding to the desired platform. ClosedHow?From the main menu, navigate to [HTTP Large, HTTP Small, or ADN] | Origins.
  2. Click Create.
  3. Click Azure Blob.
  4. Click the Bring Your Own tab.
  5. In the Origin Name option, type the name of the Azure storage account that owns the desired Azure block blob container. This name will be assigned to the customer origin group being created.

    This name will be incorporated into the CDN URL (e.g., http://wpc.0001.omegacdn.net/800001/Customer Origin Group).

  6. In the Container Name option, specify the name of your existing Azure block blob container.
  7. In the Location option, select the location where the Azure block blob container identified in the previous step is housed.
  8. In the Access Type option, select how you will authorize access to the specified Azure block blob container. Choose from either of the following options:

    • Access Key: Set the Access Key option to the key1 token and the Backup Key option to the key2 token.

      Learn more.

    • SAS Token: Set the SAS Token 1 and SAS Token 2 options to your SAS tokens.

      A shared access signature (SAS) provides delegated access to resources in your Azure storage account. This allows access to resources in your Azure storage account without having to sharing your access keys.

  9. Click Save.

Authorization Credentials

Our service requires authorization credentials to serve content from an Azure block blob container. Our system automatically manages these credentials for containers created by our service. Alternatively, if your customer origin group points to a container that you created via Azure, then you are responsible for managing your Azure authorization credentials.

Shared Access Signature (SAS)

A SAS grants limited access to Azure storage resources.

Access Keys

You may use your access keys to authenticate to your preexisting Azure block blob containerRefers to an Azure block blob container that was not created by our service.. However, if you regenerate your access keys, then you must also update your customer origin group with the updated access keys.

If a customer origin group is associated with outdated access keys, then traffic served through it may result in a 403 Forbidden response.

Deleting a Customer Origin Group

You may permanently delete a customer origin group.

Deleting a customer origin group for which an Azure block blob container was created will also delete the container. This will not occur when deleting a customer origin group that was configured to connect to a preexisting Azure block blob container.

If an edge CNAME points to a customer origin group associated with an Azure block blob container, then you will not be allowed to delete it. Delete the corresponding edge CNAME configuration and then delete the customer origin group.

It may take up to 45 minutes for customer origin group deletions to take effect.

To delete a customer origin group

  1. Navigate to the Origins page corresponding to the desired platform. ClosedHow?From the main menu, navigate to [HTTP Large, HTTP Small, or ADN] | Origins.
  2. Click on the desired customer origin group to expand it.
  3. Hover over the origin entry and then click . When prompted, click Delete to confirm the deletion of the customer origin group.

Customer Origin Group Name

The Name/Origin Name option uniquely identifies your customer origin group. This name is included as a URL segment within a CDN URLA system-defined URL that points to a CDN hostname. A CDN URL allows content delivery via our network. Simplify your CDN setup by also creating an edge CNAME configuration which potentially allows you to deliver traffic via the CDN using the same links as your current setup. as indicated below.

Syntax:

Set up a friendlier and shorter URL (i.e., edge CNAME URLThis type of URL takes advantage of an edge CNAME configuration and a CNAME record to provide a friendlier alternative to a CDN URL. An edge CNAME URL is specific to the platform from which it was configured.) by creating an edge CNAME configuration and defining a CNAME record.
Learn more.

The name assigned to your customer origin group cannot be modified.

CDN and edge CNAME URLs are case-sensitive.

Example

If the primary purpose of your web servers is to serve images, then you might create a customer origin group called images. An example of what a CDN URL for this type of customer origin might look like is provided below.

The above sample CDN URL points to the webroot on the server(s) associated with the images customer origin group. Append the desired relative path to the content that you would like to request. This relative path is highlighted in the following sample CDN URL:

http://wpc.0001.omegacdn.net/800001/images/photography/clientX/

Content Management

Manage your content and block blobs using any of the following tools:

Leverage a SAS URI to access your Azure storage account.

Azure Storage Explorer

Azure Storage Explorer provides an intuitive UI to easily upload, download, and manage blobs within your storage account.

  1. Download and install Azure Storage Explorer from the Azure Storage Explorer page.
  2. Launch Azure Storage Explorer.
  3. Select Storage Accounts, click the Actions tab, and then click Connect to Azure storage...
  4. From the Connect to Azure Storage dialog box, select the Use a shared access signature (SAS) URI option and then click Next.

  5. From within the MCC, copy the desired container's SAS URI.

    How?

  6. From within Azure Storage Explorer, paste your SAS URI into the URI option and then click Next.

    The Display Name option will auto-populate upon pasting your SAS URI.

  7. From the Connection Summary dialog box, review your connection configuration and then click Connect. Your Azure block blob container will be listed under Local & Attached | Storage Accounts | (Attached Containers) | Blob Containers.
  8. Upload content by clicking Upload and then selecting either Upload Folder or Upload Files.