Not really. Now anyone can set up a Front Door instance to access my app
service. You'll need to add a further lockdown to restrict access to
from only the permitted Front Door resource using the X-Azure-FDID
header: Azure Front Door - Frequently Asked Questions | Microsoft Docs.
@KFahmy - Agree, if customer requirement is to keep spokes completely
'private', without any public ips then you can force tunnel traffic from
spoke to hub. Please note, to implement that scenario you will have to
modify templates that are available in the GitHub repo.
@sumitkup1 yea but I think why we standardize it in CAF , I believe it
can be 1 scenario in one VNET if you want to send traffic to third party
web scanning SaaS service , since the majority of the customers from
what I see in the market like to have as much as possible islolated
SPOKES no public IP...
Hi @KFahmy - re. your above query. That is to send all internet outbound
traffic using specific static public IP address or addresses. e.g. if
you want to send traffic to third party web scanning SaaS service and
want to use specific static public ip address or addresses.
Latest Comments