堆栈内存溢出
  简体   繁体   English

如何将面向公众的 Azure 静态 Web 应用程序连接到使用专用端点保护的函数应用程序

[英]How to connect public-facing Azure Static Web App to a Function app that is secured with a private endpoint

 原文  2022-12-15 23:33:25       azure/ azure-functions/ azure-virtual-network/ azure-static-web-app

问题描述

I have an Azure static web app (SWA) that calls a "bring your own functions" API (required separation for an API accessing key vault).我有一个 Azure 静态 Web 应用程序 (SWA),它调用“自带函数”API(访问密钥保管库的 API 需要分离)。 The Function app is via a private endpoint. Function 应用程序通过专用端点。 I want the SWA to be public-facing, ideally with Enterprise-grade Edge.我希望 SWA 面向公众,最好具有企业级边缘。 In order to let the SWA talk to the function app, I established the same private endpoint for the SWA, resulting in a 403 now from the public Internet.为了让 SWA 与函数应用程序对话,我为 SWA 建立了相同的专用端点,导致现在来自公共 Internet 的 403。 How can I allow the SWA to be public facing (and benefit from CDN / Enterprise-grade Edge) while allowing it to connect to the secured Function app?如何允许 SWA 面向公众(并从 CDN/企业级边缘中受益)同时允许它连接到安全的 Function 应用程序? Thanks!谢谢!

1 个解决方案

解决方案1
 1 已采纳  2022-12-16 09:12:07

I'm afraid you cannot achieve this requirement using Static Web App and a FunctionApp behind a private endpoint.恐怕您无法使用静态 Web 应用程序和私有端点后面的 FunctionApp 来满足此要求。 The 'bring your own functions' feature requires the functions to not have IP restrictions. “自带函数”功能要求函数没有 IP 限制。 {1} {1}
If securing your functions behind a private endpoint is a must, you may want to use App Service instead, this way you can use the feature 'VNet Integration.如果必须在专用终结点后面保护您的功能,您可能希望改用应用服务,这样您就可以使用“VNet 集成”功能。 This feature allows you to route outbound traffic privately, using an IP from a subnet of your own VNet.此功能允许您使用您自己的 VNet 子网中的 IP 私下路由出站流量。 {2} {2}

Please, take a look at the documentation below:请查看以下文档:

{1} {1} 在此处输入图像描述

https://learn.microsoft.com/en-us/azure/static-web-apps/functions-bring-your-own#security-constraints https://learn.microsoft.com/en-us/azure/static-web-apps/functions-bring-your-own#security-constraints

{2} {2} 在此处输入图像描述

https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 部署到具有专用端点的 Azure Web 应用程序 - Deploy to an Azure Web App with a private endpoint 从 React SPA/Azure 静态 Web 应用程序调用 Azure AD 保护的 Azure 函数 - Calling an Azure AD secured Azure Function from React SPA/Azure Static Web App 使用私有端点保护时,如何使用外部应用程序访问 azure function - How to access azure function with external application when secured with Private endpoint Web App Azure的安全环境 - secured environment for web App Azure 如何在 Azure Web 应用程序中设置静态私有 IP? - How to set static private IP in Azure web app? azure function 和 azure static web 应用程序之间的区别? 怎么运行的? - Difference between azure function and azure static web app? How it works? CORS for Azure Function in a Azure Static Web App - CORS for Azure Function in a Azure Static Web App "Azure Web 应用容器专用终结点部署不适用于专用终结点容器注册表" - Azure web app container private Endpoint deployment doesn't work with private endpoint container registry 调用受 Azure 应用程序保护的 WEB API 端点方法时,访问令牌返回访问被拒绝 - Access token return access denied when call WEB API endpoint method secured with Azure app 无法从Web应用程序访问Azure公共和私有证书 - Azure public and private certificate not accessible from web app
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM