How can I have a public Azure AppService app talk to many private Azure AppService Apps?

Question

I would like to do this with AppService and AzFunctions.

I want to have 1 app exposed to the public. I want to have several apps private. I want the public app to have full access to the private apps.

My dream would be that I could Manage Identity my apps the same way I can assign rights for my app to access KeyVault.

Another approach if it could be done, is all my apps on a vnet, but one app also has a public IP.

Is this doable in a nice way yet that isn't kubernetes and just using native azure techniques ;)

score 1 · Answer 1 · answered Jul 07 '20 at 18:55

1

By default WebApps have a public IP.

What I have found useful is that I expose my public WebApp as normal but I add access restrictions to all my internal WebApps/services.

All WebApps are wrapped into one virtual network.

For internal WebApps, in access restriction tab, access is only allowed through a virtual network, and all other calls are denied.

answered Jul 07 '20 at 18:55

I wish one of these Azure Microsoft MVPs wrote a blog/tutorial about this approach. – Herb Stahl Jul 09 '20 at 00:01

1 Answers1