It is possible to have a static website with a custom domain that is fully locked down to just a company's VPN in Azure.
Here are the steps you can follow:

1. Create a storage account and enable static website hosting.
2. Upload your static website content to the `$web` container in the storage account.
3. Create a private endpoint for the storage account.
4. Configure the private endpoint to allow traffic only from the company's VPN.
5. Create a custom domain and add a CNAME record pointing to the Azure CDN endpoint.
6. Create a CDN profile and a CDN endpoint.
7. Configure the CDN endpoint to use the storage account as the origin.
8. Configure the CDN endpoint to use HTTPS and a custom domain.
9. Lock down the CDN endpoint to allow traffic only from the company's VPN.

By following these steps, you can have a static website with a custom domain that is fully locked down to just a company's VPN in Azure. The CDN endpoint will serve the static website content from the storage account, and access to the CDN endpoint will be restricted to only the company's VPN.
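
To check that the storage side of this setup really is closed, the following added example (not part of the original answer) audits the JSON printed by `az storage account show` for settings that contradict "reachable only from the VPN". It covers only the storage account and private endpoint steps, not the CDN; the account name, the IP ranges and the `audit_lockdown` helper are assumptions made for illustration.

```python
import ipaddress

# Constructed sample shaped like `az storage account show` output; every
# value is invented and the account is deliberately only partly locked down.
SAMPLE = {
    "name": "examplestaticsite",
    "publicNetworkAccess": "Enabled",
    "enableHttpsTrafficOnly": True,
    "networkRuleSet": {
        "defaultAction": "Deny",
        "ipRules": [{"ipAddressOrRange": "203.0.113.0/24", "action": "Allow"},
                    {"ipAddressOrRange": "198.51.100.7", "action": "Allow"}],
    },
    "privateEndpointConnections": [
        {"privateLinkServiceConnectionState": {"status": "Pending"}}],
}


def audit_lockdown(account, vpn_egress_cidrs):
    """Return findings that contradict 'reachable only from the VPN'."""
    findings = []
    vpn_nets = [ipaddress.ip_network(c) for c in vpn_egress_cidrs]
    rules = account.get("networkRuleSet") or {}
    # A missing or null value is treated as enabled (the permissive reading).
    public = account.get("publicNetworkAccess") != "Disabled"
    if public and rules.get("defaultAction") != "Deny":
        findings.append("public endpoint open to all networks")
    if public:  # firewall IP rules only matter while public access is on
        for rule in rules.get("ipRules") or []:
            net = ipaddress.ip_network(rule["ipAddressOrRange"], strict=False)
            if not any(net.version == v.version and net.subnet_of(v)
                       for v in vpn_nets):
                findings.append(f"firewall allows non-VPN range {net}")
    approved = [c for c in account.get("privateEndpointConnections") or []
                if c["privateLinkServiceConnectionState"]["status"] == "Approved"]
    if not approved:
        findings.append("no approved private endpoint connection")
    if not account.get("enableHttpsTrafficOnly", False):
        findings.append("HTTP (non-TLS) traffic is accepted")
    return findings


if __name__ == "__main__":
    # 203.0.113.0/24 stands in for the VPN's public egress range (assumption).
    for finding in audit_lockdown(SAMPLE, ["203.0.113.0/24"]):
        print("FINDING:", finding)
```

An empty result means the account has public network access disabled (or a deny-by-default firewall limited to the VPN ranges) and at least one approved private endpoint connection.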