Networking, Azure VPN Gateway, IP address, Service Endpoints,…
Service Endpoints
- Connect a VNet to Azure public services such as Azure SQL, Azure Cosmos DB and Azure Storage by creating a service endpoint for the VNet
- Protect the Azure service using an ACL on the Azure service side. The ACL is what protects the Azure service; VNet resources should be protected using NSGs
The only requirement is that both the virtual network and Azure service resources must be under the same Active Directory (AD) tenant.
-
VNet
BE subnet
Route Table
Address prefix: 0.0.0.0/0 (anything other than local VM traffic)
Next hop type: Virtual Appliance
Next hop address: BE NIC IP
BE NIC with static IP, so that all traffic in the BE subnet goes through a virtual network appliance
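Added example (not part of the original notes): a small Python model of how the effective route is chosen for the BE subnet. It shows that the 0.0.0.0/0 user-defined route sends only non-VNet traffic to the appliance, and that the more specific system route created by a service endpoint takes service traffic past the appliance. All addresses and the service prefix are constructed placeholders.

```python
import ipaddress

# Route selection: longest matching prefix wins; when prefixes tie,
# a user-defined route (UDR) beats a system route.
PRIORITY = {"user": 0, "system": 1}

# All addresses below are constructed for illustration.
ROUTES = [
    # (source, address prefix, next hop type, next hop address)
    ("system", "10.0.0.0/16", "VnetLocal", None),           # VNet address space
    ("system", "0.0.0.0/0", "Internet", None),              # default system route
    ("user", "0.0.0.0/0", "VirtualAppliance", "10.0.2.4"),  # UDR from the notes (BE NIC static IP)
    # System route added when a service endpoint is enabled (placeholder prefix).
    ("system", "203.0.113.0/24", "VirtualNetworkServiceEndpoint", None),
]


def effective_next_hop(dest, routes=ROUTES):
    """Return (next hop type, next hop address) for a destination IP."""
    ip = ipaddress.ip_address(dest)
    matches = []
    for source, prefix, hop_type, hop_addr in routes:
        net = ipaddress.ip_network(prefix)
        if ip in net:
            matches.append((-net.prefixlen, PRIORITY[source], hop_type, hop_addr))
    if not matches:
        return ("None", None)  # no matching route: traffic is dropped
    # Compare only on prefix length and route source.
    best = min(matches, key=lambda m: m[:2])
    return (best[2], best[3])


def without_udr(routes=ROUTES):
    """The same table with the user-defined route removed."""
    return [r for r in routes if r[0] != "user"]


if __name__ == "__main__":
    for dest in ("10.0.1.5", "8.8.8.8", "203.0.113.10"):
        print(dest, "->", effective_next_hop(dest))
```

Because the service endpoint route is more specific than 0.0.0.0/0, the appliance does not see that traffic; access to the service is controlled by the ACL on the service side instead.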
-
Azure private endpoint and VNet should be in the same region, even though the Azure Private Link service can be in a different region. The Azure private endpoint is just another IP in the VNet