Depending on business requirements and cloud architecture, customers sometimes need to use their own custom domain for Logic App Standard. For security reasons, they may also need to keep the logic app inside a private network and resolve the logic app's FQDN to a private IP. This article shares an overall solution for this scenario.
Section One: Add a custom domain for a single-tenant logic app
Step 1: Acquire the custom domain. The following example shows how to buy an App Service domain:
Step 2: Add the custom domain with the following configuration. You can choose to use the App Service managed certificate or add the certificate later.
Step 3: The DNS zone of the custom domain is generated automatically. Add the hostname records in this DNS zone:
Step 4: Validate the custom domain, and it will be added to the Logic App Standard:
Section Two: Resolve the FQDN of the logic app to a private IP
Step 1: Add a private endpoint on the "Networking - Inbound traffic" panel. Ensure the private endpoint (PE) is integrated with a private DNS zone:
The Logic App Standard is then allocated a private IP address:
Step 2: Log in to an Azure VM within the same VNet and add the DNS records to the hosts file:
File location: C:\Windows\System32\drivers\etc
Both FQDNs (the custom domain and the original domain) can now be resolved to the private IP:
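A check for the result described above, as an added example that is not part of the original article: it parses hosts-format entries and reports any name that has no record, maps to a public address, or maps to a different private address than the other name. The hostnames and the 10.0.1.5 address are constructed placeholders; pass `live_resolve` instead of the parsed table to query the VM's own resolver.

```python
import ipaddress
import socket

# Constructed sample in hosts-file format; names and address are placeholders.
SAMPLE_HOSTS = """\
# private endpoint of the logic app (constructed values)
10.0.1.5    myla-original.example
10.0.1.5    la.custom.example      # custom domain
"""
NAMES = ["myla-original.example", "la.custom.example"]

def parse_hosts(text):
    """Return {hostname: ip} from hosts-file text, skipping comments and blanks."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        ip = ipaddress.ip_address(fields[0])  # ValueError on a malformed address
        for name in fields[1:]:
            table[name.lower().rstrip(".")] = ip
    return table

def check_private(fqdns, resolve):
    """Return findings; an empty list means every name maps to one private IP."""
    findings, seen = [], set()
    for fqdn in fqdns:
        ip = resolve(fqdn.lower().rstrip("."))
        if ip is None:
            findings.append(f"{fqdn}: no record")
        elif not ip.is_private:
            findings.append(f"{fqdn}: resolves to public address {ip}")
        else:
            seen.add(ip)
    if len(seen) > 1:
        addrs = ", ".join(sorted(map(str, seen)))
        findings.append(f"names map to different private addresses: {addrs}")
    return findings

def live_resolve(fqdn):
    """Resolver backed by the operating system (hosts file, then DNS)."""
    try:
        return ipaddress.ip_address(socket.gethostbyname(fqdn))
    except OSError:
        return None

if __name__ == "__main__":
    for finding in check_private(NAMES, parse_hosts(SAMPLE_HOSTS).get) or ["OK"]:
        print(finding)
```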