Azure Service endpoint for Azure Services

Question

We have a use case where an Azure App Service and an Azure SQL server are both in the same resource group and the App Service needs to send/receive traffic from the Azure SQL server.

Would creating a Service endpoint provide additional security for this use case? If so, would it be in the form of forcing traffic to/from the Azure services over the Azure fabric instead of the Internet?

I've seen example for Service endpoints in which one of the resources is a VM with a private IP, but again in our case we have two Azure services talking to each other.

Thx

anthony_norwood · Answer

Hi Jeff Walzer, have you considered using vNET Integration with the app service? You will need to be on a Standard plan or higher, but you'll be able to communicate with the SQL Server over the Azure private network.

anthony_norwood · Answer

Jeff Walzer&nbsp;- not at all, this should have all the information you need:https://docs.microsoft.com/en-us/azure/app-service/overview-vnet-integrationRe: inbound traffic, they're treated separately, so no impact to that. You'll still have an inbound IP address and FQDN to provide inbound access

jeff walzer · Answer

Anthony_Norwood&nbsp;- thx for the reply and information as I will read up on&nbsp;vNET Integration with the App service.&nbsp;The App service requires access from the Internet - will&nbsp;vNET Integration prevent that?

jeff walzer · Answer

Anthony_Norwood&nbsp;- TYVM for the link as I will start reading up on this option

Forum Discussion

Azure Service endpoint for Azure Services

4 Replies

Resources