0

We've got a webserver we are going to be moving to Azure. Simple enough, spool up 2 VMS, install IIS, configure some load balancing end point and see the IIS homepage.

But now, I want to have the website files on a shared drive that can be accessed by both VMs and my local network. I've deployed my VMs using the classic deployment model and would prefer to have my Azure VNet and local network seperated for security.

What would be the best way to make this happen? Azure Files seems to be the logical answer but this means that when a website is setup in IIS and the virtual directory is configured, I have to provide my storage name and access control key so that IIS has the ability to read files from Azure Files. This actually grants IIS full control over those files, is this a security concern?

S. Walker
  • 2,129
  • 12
  • 30
  • 1
    There is no "best" way to migrate your web site to Azure, nor is there a "best" way to use storage. But there are several questions/answers addressing the various storage options and how they relate to sharing, such as [this one](http://stackoverflow.com/a/41126552/272109) I posted a few days ago. – David Makogon Dec 17 '16 at 16:24
  • Also - VNets don't apply to Azure Storage. There's no way to limit access to a storage account to just a VNet. – David Makogon Dec 17 '16 at 16:34
  • This really points me in the right direction, but I don't think i fully understand. So I can use a UNC path in IIS for my virtual directory. Does this mean if I have a classic ASP page, that attempts to read from a file in the same folder as said asp page, it won't work? – S. Walker Dec 17 '16 at 19:35

0 Answers0