Azure Service endpoint for Azure Services

We have a use case where an Azure App Service and an Azure SQL server are both in the same resource group and the App Service needs to send/receive traffic from the Azure SQL server.

Would creating a Service endpoint provide additional security for this use case? If so, would it be in the form of forcing traffic to/from the Azure services over the Azure fabric instead of the Internet?

I've seen examples of Service endpoints in which one of the resources is a VM with a private IP, but again in our case we have two Azure services talking to each other.

Thx

4 Replies

Hi @Jeff Walzer, have you considered using vNET Integration with the app service? You will need to be on a Standard plan or higher, but you'll be able to communicate with the SQL Server over the Azure private network.

@Anthony_Norwood - thx for the reply and information as I will read up on vNET Integration with the App service.

The App service requires access from the Internet - will vNET Integration prevent that?

@Jeff Walzer - not at all, this should have all the information you need:

https://docs.microsoft.com/en-us/azure/app-service/overview-vnet-integration

Re: inbound traffic, they're treated separately, so no impact to that. You'll still have an inbound IP address and FQDN to provide inbound access.

@Anthony_Norwood - TYVM for the link as I will start reading up on this option