Private Endpoints - Disable Public Access

mgfeal · ‎Feb 27 2023

Hi,

We are developing our new software in Azure and we are using some CosmosDB, Key Vaults...

By default, all of them are published to internet. We use the default URI (https://testxxxxx.mongo.cosmos.azure.com:443/) and in Networking the Public Network Access is opened to "All networks".

For security reasons we want to change it. We don't want that our services are published to internet (now you can telnet to testdwh.mongo.cosmos.azure.com using 443 and 10255 ports.

So we disabled Public Access for one CosmosDB account:

And then we enabled the Private Access adding a Private Endpoint:

But... after these changes, we don't know why but we still connect to testxxxxxx.mongo.cosmos.azure.com using 443 and 10255 from internet.

How can we block this connections from internet?

Thanks!

mgfeal · ‎Feb 27 2023

Have you employed the network security group and blocked inbound traffic?
Also, have you reviewed this article by chance?
https://learn.microsoft.com/en-us/azure/virtual-network/tutorial-restrict-network-access-to-resource...

Kidd_Ip · ‎Mar 03 2023

@mgfeal

How about NSG? Please verify the rules under NSG

mgfeal · ‎Feb 27 2023

Have you employed the network security group and blocked inbound traffic?
Also, have you reviewed this article by chance?
https://learn.microsoft.com/en-us/azure/virtual-network/tutorial-restrict-network-access-to-resource...

View solution in original post

Private Endpoints - Disable Public Access

Private Endpoints - Disable Public Access

Re: Private Endpoints - Disable Public Access

Re: Private Endpoints - Disable Public Access

Re: Private Endpoints - Disable Public Access

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Private Endpoints - Disable Public Access