0

I'm trying to configure an app service such that it has a private link setup into our VPN enabled vnet but also allow public access (e.g. to allow front door and our devops agents access).

The docs (https://learn.microsoft.com/en-gb/azure/app-service/networking/private-endpoint) note that "by default" public access is diabled, to me that sounds like it is possible to not have the default, is that actually possible?

enter image description here

I'd rather not route everything through our vnet (using hub and spoke design) because to my mind that adds a single point of failure we don't need, e.g. having front door connect to the app service over the MS backbone means it isn't reliant on my vnet infrastructure. But the vpn access is useful for internal access direct to the app service.

mattb
  • 384
  • 1
  • 4
  • 24

2 Answers2

0

Now this behavior can be implemented. You can optionally disable public access. Check the documentation for more details https://learn.microsoft.com/en-us/azure/app-service/overview-access-restrictions#how-it-works

enter image description here

Alex Mishulkov
  • 11
  • 1
-1

I also asked this on the MS forums and with some help came to what i think is an acceptable answer: https://learn.microsoft.com/en-us/answers/questions/968600/app-service-using-private-link-but-still-need-publ.html

mattb
  • 384
  • 1
  • 4
  • 24
  • If you found a useful answer elsewhere, please include the **text** of the answer. A link isn't going to help anyone in the future if the link returns a 404. – Daniel Mann Aug 16 '22 at 16:22