- Details
- Written by Azure Tech Guy
If you want your Azure Front Door and Front Door Standard/Premium instances to access certificates in your Key Vault, you will need to grant the general Microsoft Azure Front Door CDN principal user some access to your Key Vault
Classic Front Door
Against Azure Powershell session run this (you won't be able to run this if you are only a Reader):
New-AzADServicePrincipal -ApplicationId "ad0e1c7e-6d38-4ba4-9efd-0bc77ba9f037"
Then go your Key Vault -> Access Policy -> Add Access Policy -> Grant "Get" on Secret Permissions and Certificate Permissions to a user called - Microsoft.Azure.Frontdoor
Note! The user who performs the action to add the Key Vault certificate to the Front door instance should also have "Get" and "List" permissions to that same Key Vault for Secret and Certificate permissions
Front Door Standard/Premium (Preview)
Against Azure Powershell session run this (you won't be able to run this if you are only a Reader):
New-AzADServicePrincipal -ApplicationId "205478c0-bd83-4e1b-a9d6-db63a3e1e1c8"
Then go your Key Vault -> Access Policy -> Add Access Policy -> Grant "Get" on Secret Permissions and Certificate Permissions to a user called - Microsoft.AzureFrontDoor-Cdn
Note! The user who performs the action to add the Key Vault certificate to the Front door instance should also have "Get" and "List" permissions to that same Key Vault for Secret and Certificate permissions
Add a comment- Details
- Written by Azure Tech Guy
By default not all HTTP methods or verbs are allowed in Azure App Service. In order to allow/remove methods/verbs we need to make configurational changes.
It really boils down to what stack is your App running on.
Web Apps (Windows)
In IIS handlers are responsible for different app stacks and this is where the allowed verbs are also configured. We can see how the different handlers are configured in the applicationHost.config file. More details on it in my other article.
Go to KUDU and open the applicationHost.config file - D:\Local\Config\applicationhost.config. Find <handlers accessPolicy="Read, Script"> row. From there you can examine how different technologies are configured.
Let's take PHP for example
Add a comment- Details
- Written by Azure Tech Guy
Azure App Service is PaaS. This means that we have very limited capabilities of changing configurations. applicationHost.config file is one of them. It holds all the necessary settings for your Web App but it is read-only.
Location of the applicationHost.config file
You can find your Web App's applicationHost.config file in the following location:
D:\Local\Config\applicationhost.config
OR
https://webappname.scm.azurewebsites.net/api/vfs/localsiteroot/config/applicationHost.config
It loads the same applicationHost.config from D:\Local\Config
It is read-only and you cannot directly edit it but you can use it to check certain settings and how they are configured.
Making changes to the applicationHost.config file
The file can be read-only but we have certain ways of making changes. It can be done with Xdt Transformation
Here are some examples:
https://github.com/projectkudu/kudu/wiki/Xdt-transform-samples
You can do a lot of the changes suggested for the Xdt examples through web.config so the use of Xdt transform must be a very specific
Add a comment
- Details
- Written by Azure Tech Guy
In this article i will show you how to host a static website almost for free on Azure Storage and Microsoft CDN. You can host any static web pages and take advantage of javascript and CSS but not from any back-end language. Good example of a more advanced static content that you can host on the Azure Storage is Jekyll.
Table of Contents
- Requirements
- TLDR
- Storage Account
- CDN profile and endpoint
- Custom Domain for CDN
- HTTPS on Custom domains for CDN
- Upload Content
- Setting up redirections
Requirements
What do you need to have in order to complete the guide:
- An active Azure subscription - Free/Pay as you go/Visual Studio/Partnership/EA/CSS
- Custom domain hosted on Azure DNS (optional)
Page 1 of 4