Create a Front Door in the Azure portal

Overview: what the portal asks for
Quick vs Custom create — when to use each
Step-by-step: what to enter in the portal
SKU comparison
Supported origin types
Naming and endpoint guidance
Health probes, routing rules and WAF (Custom create)
Final notes

This guide shows the steps and key decisions when creating an Azure Front Door resource in the Azure portal. It covers the deployment flows, SKU choices, endpoint naming, and origins — so you can pick the right options for your application’s global entry point.

Overview: what the portal asks for

When you start the Front Door creation workflow in the Azure portal you’ll see two deployment flows:

Quick create — uses sensible defaults and requires fewer inputs for fast provisioning.
Custom create — lets you fine-tune routing rules, health probes, WAF, custom domains, and all advanced settings.

You’ll also pick a SKU (Standard or Premium), provide a globally unique endpoint name (this becomes your frontend host), and define one or more origin backends (App Service, Application Gateway, Storage, public IPs, or load balancers).

Quick vs Custom create — when to use each

Quick create
- Best for simple deployments and PoCs.
- Requires minimal configuration: SKU, endpoint name, and a basic origin.
- Fast provisioning with Microsoft-supplied defaults.
Custom create
- Use when you need custom routing rules, multiple origins, geo-routing, advanced health probes, Web Application Firewall (WAF), or custom domain and TLS configuration.
- Allows detailed security and performance tuning.

Choose Quick create for simple scenarios or when you want a fast setup with defaults. Use Custom create when you need to configure routing rules, health probes, custom domains, WAF, or more advanced origin settings.

A slide titled "Create a Front Door in the Azure portal" showing the main setup steps (Deployment Method, Select SKU, Unique Endpoint Name, Configure Origin Type) with option buttons like Quick Create/Custom Create, Standard/Premium, and origin types (App Service, App Gateway, Storage). On the right is a screenshot of the Azure portal's "Compare offerings" panel highlighting the Quick create and Custom create options.

Step-by-step: what to enter in the portal

Start the Front Door creation workflow in the Azure portal (Marketplace → Azure Front Door).
Choose the deployment method: Quick create or Custom create.
Select the SKU:
- Standard — core CDN and global load-balancing features.
- Premium — adds enterprise features and advanced security capabilities (WAF policies, enhanced authentication, private link support for origins in some cases).
Provide a globally unique endpoint name. This forms the frontend host (for example: myapp-frontdoor.azurefd.net).
Configure origin(s): select type, add origin hostnames or IPs, and define origin settings such as priority, weight, and HTTP/HTTPS ports.
(Custom create only) Define routing rules, health probes, caching behavior, custom domains, TLS settings, and WAF policies as required.
Review and create — Azure provisions the Front Door and configures the global entry point.

SKU comparison

SKU	Use Case	Key Features
Standard	General-purpose global load balancing and CDN	Global HTTP/HTTPS routing, caching, simple routing rules
Premium	Enterprise workloads with advanced security and routing	WAF policies, private origin support, advanced routing & authentication

For more details, see the official Azure Front Door documentation: Azure Front Door overview.

Supported origin types

Origin Type	Typical Use Case	Example
App Service	Host web apps in Azure	`myapp.azurewebsites.net`
Application Gateway	Use Front Door in front of regional application gateways	Private/internal apps exposed via App Gateway
Storage account (static websites)	Serve static content	`mystorage.z20.web.core.windows.net`
Public IP or VM	Custom backend services	VM-hosted web server
Load Balancer	Distribute traffic to multiple VMs/services	`my-loadbalancer`

Naming and endpoint guidance

Use a meaningful, human-readable endpoint name that reflects environment and app (e.g., prod-myapp-fd).
Endpoint names must be globally unique across Azure Front Door endpoints.
If you plan to use a custom domain, map the custom CNAME to the Front Door frontend host and validate domain ownership in the portal.

Health probes, routing rules and WAF (Custom create)

Configure health probes to match your backend health endpoints so Front Door can failover traffic cleanly.
Use routing rules to define match conditions (path-based, header-based) and determine how traffic is forwarded (simple pass-through, rewrite, redirect).
Apply WAF policies to protect against common web vulnerabilities and to meet compliance/security requirements.

Final notes

Quick create is ideal for getting started quickly; Custom create is necessary for production and complex architectures.
Consider Premium SKU if you need advanced security, tighter origin controls, or enterprise features.
Review pricing differences before provisioning; SKUs and features affect billing.

Useful references:

So this is just the basic configuration. If you choose Quick create, you only need to provide a few basic settings (SKU, endpoint name, and a simple origin). I will use Custom create so you can see how to fine-tune a Front Door deployment and configure additional features like routing rules, health probes, and custom domains.

Watch Video

Configuring Front Door

What is Azure Front Door

Introduction

Configure Internet Access with Azure Virtual NAT

Configure Peering for an Express Route Deployment

Configure Public IP Addresses

Connect Devices to Networks with Point to Site VPN Connections

Connect Networks with Site to Site VPN Connections

Connect Remote Resources by using Azure Virtual WA Ns

Create a Network Virtual Appliance NVA in a Virtual Hub

Deploy Azure D Do S Protection

Deploy and configure Network Security Groups

Design Azure Application Gateway

Design Azure Front Door

Design Name Resolution for Azure Virtual Network

Design an Express Route deployment

Design and Implement Azure Firewall

Design and Implement Azure Load Balancer

Design and Implement Azure VPN Gateway

Design and implement Azure Bastion

Enable Cross V Net Connectivity

Explain Virtual Network Service Endpoints

Explore Azure Express Route

Explore Azure Traffic Manager

Explore Azure Virtual Networks

Explore Load Balancing Options in the Azure

Express Route Advanced Features

Get Network Security Recommendations with Microsoft Defender for Cloud

Implement Virtual Network Traffic Routing

Implement a Web Application Firewall

Monitor your networks using Azure Monitor

Monitor your networks using Azure Network Watcher

Private Link Services and Private Endpoints

Troubleshooting Express Route Connections

Working with Azure Firewall Manager

​Overview: what the portal asks for

​Quick vs Custom create — when to use each

​Step-by-step: what to enter in the portal

​SKU comparison

​Supported origin types

​Naming and endpoint guidance

​Health probes, routing rules and WAF (Custom create)

​Final notes

Watch Video

Overview: what the portal asks for

Quick vs Custom create — when to use each

Step-by-step: what to enter in the portal

SKU comparison

Supported origin types

Naming and endpoint guidance

Health probes, routing rules and WAF (Custom create)

Final notes