This scenario uses the following Azure services:Īzure App Service hosts web applications, allowing autoscale and high availability without having to manage infrastructure.Īzure SQL Database is a general-purpose relational database managed service that supports relational data, spatial data, JSON, and XML.Īzure Virtual Network is the fundamental building block for private networks in Azure. The database is inaccessible from the public internet. The Azure SQL Database firewall allows only traffic coming from the PrivateLinkSubnet to connect. The web app connects to the Azure SQL Database through the private endpoint in the PrivateLinkSubnet. The private DNS zone returns the private IP address of the private endpoint set up for the Azure SQL Database. The CNAME of the Azure SQL Database directs the query to the private DNS zone. The query traverses the virtual interface in the AppSvcSubnet. The web app sends a query for the IP address of the Azure SQL Database. The web app connects to the virtual network through a virtual interface mounted in the AppSvcSubnet of the virtual network.Īzure Private Link sets up a private endpoint for the Azure SQL Database in the PrivateLinkSubnet of the virtual network. Regional network integration mounts a virtual interface in the AppSvcSubnet that the App Service web app connects to. Region virtual network integration gives the web app access to resources in the virtual network that aren't internet-hosted endpoint. To communicate with the resources in your virtual network that aren't internet facing, you need to enable regional virtual network integration. The web app receives an HTTP request from the internet that requires an API call to the Azure SQL Database.īy default, web apps hosted in App Service can reach only internet-hosted endpoints. Architectureĭownload a Visio file of this architecture. The architecture ensures communication from the web app in Azure App Service and Azure SQL Database only traverses a virtual network. This example scenario describes how to securely connect a web app to a backend database over a fully private connection.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |