Azure App Service - VNet Integration vs Private Endpoint vs Hybrid Connection

Question

I have a .NET Web API running in Azure App Service. It needs to connect to the RabbitMQ service running on my On-Prem server. How should I establish that connection between Azure App Service and RabbitMQ service port?

Do I need to whitelist the outbound IP addresses of Azure App Service in my firewall for this change?

Answer 1

The outbound IP address of Azure app service might change, see when it will change .

So you could have two options:

• Hybrid connection . It makes outbound calls to Azure over port 443. Hybrid Connections provides access from your app to a TCP endpoint and does not enable a new way to access your app. As used in App Service, each Hybrid Connection correlates to a single TCP host and port combination.
• VNet integration and VPN gateway. With these methods, you can access the RabbitMQ service in a private.network with a point to site or site to site VPN connection. VNet Integration is used only to make outbound calls from your app into your VNet. It doesn't grant inbound private access to your app from the VNet. In this case, If you want to use Private Endpoints for Azure Web App , then you need to either integrate with Azure DNS Private Zones or manage the private endpoint in the DNS server used by your app.