TechQA.

How to authorized only traffic from my Frontdoor to my Web App private endpoint?

873 views Asked by At

We have a frontdoor with 2 Web App in the backend.

We want to authorized access to the Web App only traffics from the frontdoor so we though about using Web App Private Endpoint.

However, when we redirect the traffic to the private endpoint, we still have "error 403 - forbidden" using the frontdoor.

Please help

azure web-applications azure-virtual-network azure-front-door
Original Q&A
1

There are 1 answers

0
Ervin Szilagyi On BEST ANSWER

Azure Front Door documentation explicitly states that the back-end service (Web App in this case) must have a public end-point to be accessible:

Backends and backend pools:

Front Door backends refers to the host name or public IP of your application that serves your client requests.

Backend pools can be composed of Storage, Web App, Kubernetes instances, or any other custom hostname that has public connectivity. Azure Front Door requires that the backends are defined either via a public IP or a publicly resolvable DNS hostname. Members of backend pools can be across zones, regions, or even outside of Azure as long as they have public connectivity.

If the Web App service has a private end-point, it is advised to put an Application Gateway in front of the service, which exposes a public end-point for the Front Door.

Keeping this in mind, as far as I know, there is no solution for being able to restrict traffic to the Web App from the Front Door only.

Related Questions in AZURE

Related Questions in WEB-APPLICATIONS

Related Questions in AZURE-VIRTUAL-NETWORK

Related Questions in AZURE-FRONT-DOOR

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions