Forum Discussion
Azure Service endpoint for Azure Services
We have a use case where an Azure App Service and an Azure SQL server are both in the same resource group and the App Service needs to send/receive traffic from the Azure SQL server.
Would creating a Service endpoint provide additional security for this use case? If so, would it be in the form of forcing traffic to/from the Azure services over the Azure fabric instead of the Internet?
I've seen example for Service endpoints in which one of the resources is a VM with a private IP, but again in our case we have two Azure services talking to each other.
Thx
4 Replies
Hi Jeff Walzer, have you considered using vNET Integration with the app service? You will need to be on a Standard plan or higher, but you'll be able to communicate with the SQL Server over the Azure private network.
Anthony_Norwood - thx for the reply and information as I will read up on vNET Integration with the App service.
The App service requires access from the Internet - will vNET Integration prevent that?
Jeff Walzer - not at all, this should have all the information you need:
https://docs.microsoft.com/en-us/azure/app-service/overview-vnet-integration
Re: inbound traffic, they're treated separately, so no impact to that. You'll still have an inbound IP address and FQDN to provide inbound access
