Closed thomas-tran closed 1 year ago
@thomas-tran you need to configure the Firewall in the Hub Vnet. The App Service subnet has a route table that locks the egress traffic down, so all the outbound requests starting from the web app, go through the firewall. If there is an allow rule there, they can pass, otherwise they are blocked.
@thotheod In the multitenant use case, if my app deployed in the app service required to query external API service like payment gateway Stripe API. Should I configure to allow access the Stripe API Ip address from the App service access restriction in the app subnet within the Spoke Vnet or the Firewall in the Hub Vnet?