[英]How to connect public-facing Azure Static Web App to a Function app that is secured with a private endpoint
I have an Azure static web app (SWA) that calls a "bring your own functions" API (required separation for an API accessing key vault).我有一个 Azure 静态 Web 应用程序 (SWA),它调用“自带函数”API(访问密钥保管库的 API 需要分离)。 The Function app is via a private endpoint.
Function 应用程序通过专用端点。 I want the SWA to be public-facing, ideally with Enterprise-grade Edge.
我希望 SWA 面向公众,最好具有企业级边缘。 In order to let the SWA talk to the function app, I established the same private endpoint for the SWA, resulting in a 403 now from the public Internet.
为了让 SWA 与函数应用程序对话,我为 SWA 建立了相同的专用端点,导致现在来自公共 Internet 的 403。 How can I allow the SWA to be public facing (and benefit from CDN / Enterprise-grade Edge) while allowing it to connect to the secured Function app?
如何允许 SWA 面向公众(并从 CDN/企业级边缘中受益)同时允许它连接到安全的 Function 应用程序? Thanks!
谢谢!
I'm afraid you cannot achieve this requirement using Static Web App and a FunctionApp behind a private endpoint.恐怕您无法使用静态 Web 应用程序和私有端点后面的 FunctionApp 来满足此要求。 The 'bring your own functions' feature requires the functions to not have IP restrictions.
“自带函数”功能要求函数没有 IP 限制。 {1}
{1}
If securing your functions behind a private endpoint is a must, you may want to use App Service instead, this way you can use the feature 'VNet Integration.如果必须在专用终结点后面保护您的功能,您可能希望改用应用服务,这样您就可以使用“VNet 集成”功能。 This feature allows you to route outbound traffic privately, using an IP from a subnet of your own VNet.
此功能允许您使用您自己的 VNet 子网中的 IP 私下路由出站流量。 {2}
{2}
Please, take a look at the documentation below:请查看以下文档:
https://learn.microsoft.com/en-us/azure/static-web-apps/functions-bring-your-own#security-constraints https://learn.microsoft.com/en-us/azure/static-web-apps/functions-bring-your-own#security-constraints
https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.