You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
#customer intent: As an Azure App Service developer, I want to understand integration considerations for App Service and Application Gateway so I can implement the services.
12
13
---
13
14
14
15
# What is Azure Application Gateway integration with Azure App Service?
@@ -19,7 +20,7 @@ This article provides an overview for configuring Azure Application Gateway with
19
20
20
21
You can use private endpoints to secure traffic between Application Gateway and your App Service app. You need to ensure that Application Gateway can use Domain Name System (DNS) to resolve the private IP address of the App Service apps. Alternatively, you can use the private IP address in the back-end pool and override the host name in the HTTP settings.
21
22
22
-
:::image type="content" source="./media/overview-app-gateway-integration/private-endpoint-appgw.png" border="false" alt-text="Diagram of traffic flowing to an application gateway through a private endpoint to App Service apps.":::
23
+
:::image type="content" source="./media/overview-app-gateway-integration/private-endpoint-application-gateway.png" border="false" alt-text="Diagram of traffic flowing to an application gateway through a private endpoint to App Service apps.":::
23
24
24
25
Application Gateway caches the DNS lookup results. If you use fully qualified domain names (FQDNs) and rely on DNS lookup to get the private IP address, you might need to restart the application gateway. A restart is required when the DNS update or the link to an Azure private DNS zone happens after you configure the back-end pool.
25
26
@@ -36,7 +37,7 @@ Learn more about [configuring an App Service app with private endpoint](overview
36
37
37
38
As an alternative to using private endpoints, you can use service endpoints to secure the traffic from Application Gateway. By using [service endpoints](/azure/virtual-network/virtual-network-service-endpoints-overview), you can allow traffic from only a specific subnet within an Azure virtual network and block everything else. In the following scenario, you use this functionality to ensure App Service apps can receive traffic from only a specific application gateway.
38
39
39
-
:::image type="content" source="./media/overview-app-gateway-integration/service-endpoints-appgw.png" border="false" alt-text="Diagram of the internet flowing to an application gateway in a virtual network, then through a service endpoint firewall to App Service apps.":::
40
+
:::image type="content" source="./media/overview-app-gateway-integration/service-endpoints-application-gateway.png" border="false" alt-text="Diagram of the internet flowing to an application gateway in a virtual network, then through a service endpoint firewall to App Service apps.":::
40
41
41
42
This configuration has two parts, aside from creating the App Service app instance and the application gateway.
-[Review App Service Environment documentation](/azure/app-service/environment/)
128
129
-[Secure web app with Azure Web Application Firewall](/azure/web-application-firewall/ag/ag-overview)
129
-
-[Deploy secure, resilient site with custom domain on App Service with Azure Front Door or Application Gateway (Tutorial)](https://azure.github.io/AppService/2021/03/26/Secure-resilient-site-with-custom-domain)
130
+
-[Deploy securesite with custom domain on Azure Front Door or Application Gateway (Tutorial)](https://azure.github.io/AppService/2021/03/26/Secure-resilient-site-with-custom-domain)
0 commit comments