Home Azure Storage Azure CDN with Storage
Last updated: May 2026
Azure Storage Intermediate AZ-104 ⏱ 11 min read

Azure CDN with Storage

A storage account in Central India serves users in Mumbai in milliseconds — but users in London or New York get much slower responses. Azure CDN (Content Delivery Network) solves this by caching your storage content at edge locations around the world, so every user gets fast responses from a nearby server. CDN also adds custom domain support, HTTPS, and reduces your storage egress costs.

What you'll learn What a CDN does and why it matters · Azure CDN profiles and tiers · Creating a CDN endpoint for Blob Storage · Custom domain setup · Enabling HTTPS with managed certificates · Caching rules · Purging the CDN cache · Cost comparison — with and without CDN
Table of Contents
  1. What is a CDN?
  2. Azure CDN Tiers
  3. Creating a CDN Endpoint for Blob Storage
  4. Adding a Custom Domain
  5. Enabling HTTPS
  6. Caching Rules
  7. Purging the Cache
  8. Cost Savings with CDN
  9. Practice Questions

What is a CDN?

A CDN is a global network of servers (called Points of Presence, or PoPs) that cache copies of your content close to users worldwide. When a user requests a file:

  1. The CDN routes the request to the nearest PoP
  2. If the PoP has the file cached, it returns it immediately (cache hit)
  3. If not, it fetches from your storage account (origin), caches it, and returns it
  4. Subsequent requests from that region are served from the cache
ℹ️
Why CDN Matters Without CDN: A user in London requests an image stored in Central India. The request travels ~7,000 km to India and back — perhaps 150–200ms latency. With CDN: The image is cached at a London PoP — the user gets it in 5–10ms.

Azure CDN Tiers

TierProviderBest For
Azure CDN Standard from MicrosoftMicrosoftGeneral use, integrated with Azure services
Azure CDN Standard from EdgioEdgio (formerly Verizon)Broad coverage, good performance
Azure CDN Premium from EdgioEdgioAdvanced rules engine, analytics
💡
Recommendation For most use cases, Azure CDN Standard from Microsoft is the best choice — it integrates seamlessly with Azure services, supports custom rules, and is well-supported. Note: Microsoft is migrating to Azure Front Door for advanced CDN scenarios.

Creating a CDN Endpoint for Blob Storage

Via Azure Portal

  1. Go to your Storage Account → Security + networkingAzure CDN
  2. Click + New endpoint
  3. Select your CDN profile (or create new)
  4. Set endpoint name (must be globally unique — becomes [name].azureedge.net)
  5. Set Origin type: Storage
  6. Set Origin hostname: your storage account's blob endpoint
  7. Click Create

Via Azure CLI

Azure CLI Create CDN profile and endpoint for Blob Storage 
# Create CDN profile
az cdn profile create \
  --name mycdnprofile \
  --resource-group myResourceGroup \
  --sku Standard_Microsoft \
  --location global

# Create CDN endpoint pointing to blob storage
az cdn endpoint create \
  --name mysite-cdn \
  --profile-name mycdnprofile \
  --resource-group myResourceGroup \
  --origin mystorageaccount2026.blob.core.windows.net \
  --origin-host-header mystorageaccount2026.blob.core.windows.net \
  --location global

Your content is now accessible at: https://mysite-cdn.azureedge.net

Adding a Custom Domain

  1. In your DNS provider, create a CNAME record: www.yoursite.commysite-cdn.azureedge.net
  2. In the Azure Portal, go to your CDN endpoint → Custom domains+ Custom domain
  3. Enter www.yoursite.com
  4. Azure validates the CNAME record
  5. Click Add

Enabling HTTPS

Azure CDN provides a free managed SSL certificate for custom domains — no need to purchase or manage certificates yourself.

  1. Go to your CDN endpoint → Custom domains → click on your domain
  2. Toggle Custom domain HTTPS to On
  3. Select CDN managed certificate
  4. Click Save
  5. Azure automatically provisions and renews the certificate (takes a few hours first time)
Azure CLI Enable HTTPS for custom domain 
az cdn custom-domain enable-https \
  --endpoint-name mysite-cdn \
  --profile-name mycdnprofile \
  --resource-group myResourceGroup \
  --name www-yoursite-com

Caching Rules

By default, CDN caches content based on the Cache-Control headers from your origin. You can override this with caching rules:

Rule TypeUse Case
Global caching ruleDefault TTL for all content (e.g., cache everything for 1 day)
Custom caching ruleDifferent TTL for specific paths (e.g., images cached 30 days, HTML cached 1 hour)
Query string cachingCache differently based on query parameters

Purging the Cache

When you update content in your storage account, the CDN cache still serves the old version until it expires. Purge the cache to force CDN to fetch fresh content:

Azure CLI Purge CDN cache 
# Purge specific path
az cdn endpoint purge \
  --name mysite-cdn \
  --profile-name mycdnprofile \
  --resource-group myResourceGroup \
  --content-paths "/images/logo.png"

# Purge everything
az cdn endpoint purge \
  --name mysite-cdn \
  --profile-name mycdnprofile \
  --resource-group myResourceGroup \
  --content-paths "/*"

Cost Savings with CDN

CDN can actually reduce your total storage costs despite its own fees:

  • Storage egress (outbound data) costs ~₹6/GB from Azure Storage
  • CDN egress is cheaper — ~₹4–5/GB depending on region
  • Cache hits don't cost storage egress at all — only the first request to origin
  • If 90% of requests are cache hits, you've reduced storage egress by 90%
💡
AZ-104 Exam Tip Know that CDN caches content at edge PoPs for faster global delivery. Know that CDN enables custom domains with HTTPS for Blob static websites. Know that purging removes cached content and forces CDN to fetch fresh from origin. Know the CDN endpoint URL format: [name].azureedge.net.
📝 Practice Questions
Click an option to check your answer. AZ-104 style questions.
Q1. What is the primary benefit of using Azure CDN with Blob Storage?
A Increases storage account capacity
B Caches content at global edge locations for faster delivery to users worldwide
C Provides additional data redundancy for the storage account
D Encrypts blob data in transit
Q2. What format does an Azure CDN endpoint URL follow?
A [endpointname].azureedge.net
B [endpointname].cdn.azure.com
C [accountname].blob.core.windows.net/cdn
D [endpointname].azurecdn.net
Q3. You updated an image in your Blob Storage but users are still seeing the old image via CDN. What should you do?
A Restart the storage account
B Purge the CDN cache for that content path
C Delete and recreate the CDN endpoint
D Wait for the cache TTL to expire naturally
Q4. Does Azure CDN provide free SSL/TLS certificates for custom domains?
A Yes — Azure provides free CDN-managed certificates that auto-renew
B No — you must purchase an SSL certificate separately
C Only for the Premium CDN tier
D No — custom domains only support HTTP, not HTTPS
Q5. How can Azure CDN reduce your Azure Storage costs?
A By reducing the storage capacity needed
B By reducing storage egress costs — cache hits don't cost storage egress
C By eliminating storage replication costs
D By reducing the cost of storage transactions
Related Topics
Azure Storage Static Website Hosting Azure Storage Azure Blob Storage Azure Storage Azure Storage Explorer
← Previous Static Website Hosting
Comments
Disclaimer: RedKite Cloud is an independent educational resource and is not affiliated with Microsoft Corporation.