cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Private Endpoints - Disable Public Access

mgfeal
Occasional Contributor

‎Feb 27 2023 03:14 AM

‎Feb 27 2023 03:14 AM

Private Endpoints - Disable Public Access

Hi,

We are developing our new software in Azure and we are using some CosmosDB, Key Vaults...

By default, all of them are published to internet. We use the default URI (https://testxxxxx.mongo.cosmos.azure.com:443/) and in Networking the Public Network Access is opened to "All networks".

 

For security reasons we want to change it. We don't want that our services are published to internet (now you can telnet to testdwh.mongo.cosmos.azure.com using 443 and 10255 ports.

 

So we disabled Public Access for one CosmosDB account:

mgfeal_0-1677494986166.png

 

And then we enabled the Private Access adding a Private Endpoint:

mgfeal_1-1677495058742.png

 

mgfeal_2-1677495138821.png

 

But... after these changes, we don't know why but we still connect to testxxxxxx.mongo.cosmos.azure.com using 443 and 10255 from internet.

 

How can we block this connections from internet?

Thanks!

326 Views
0 Likes
2 Replies
Reply
2 Replies
best response confirmed by mgfeal (Occasional Contributor)
DTallarida

‎Feb 27 2023 10:43 AM

‎Feb 27 2023 10:43 AM

Solution

Re: Private Endpoints - Disable Public Access

Have you employed the network security group and blocked inbound traffic?
Also, have you reviewed this article by chance?
https://learn.microsoft.com/en-us/azure/virtual-network/tutorial-restrict-network-access-to-resource...
1 Like
Reply
Kidd_Ip

‎Mar 03 2023 06:49 PM

‎Mar 03 2023 06:49 PM

Re: Private Endpoints - Disable Public Access

@mgfeal 

How about NSG? Please verify the rules under NSG

1 Like
Reply