Azure / azure-functions-host

The host/runtime that powers Azure Functions
https://functions.azure.com
MIT License
1.92k stars 441 forks

Private Link NSG not supported for AzureWebJobsStorage used by Timer Trigger etc #8225

Open chrish434 opened 2 years ago

chrish434 commented 2 years ago

Is your question related to a specific version? If so, please specify:

Functions V4, plus Private Link NSG (Preview)

What language does your question apply to? (e.g. C#, JavaScript, Java, All)

C#, windows and linux

Question

Hi, I was testing the new Private Link NSG support, which is in preview. It doesn't seem to want to work with the storage account set in the AzureWebJobsStorage variable. Are there any official docs that say if this is supported or not? I couldn't find anything in regards to this networking issue. It seems to work OK for Key Vault, other storage accounts and Cosmos DB triggers.

v-bbalaiagar commented 2 years ago

Hi @chrish434, Thank you for your feedback! Here is a blog post which addresses a similar scenario - https://techcommunity.microsoft.com/t5/apps-on-azure-blog/connect-to-private-endpoints-with-azure-functions/ba-p/1426615

Please check and let us know if this helps.

chull434 commented 2 years ago

> Hi @chrish434, Thank you for your feedback! Here is a blog post which addresses a similar scenario - https://techcommunity.microsoft.com/t5/apps-on-azure-blog/connect-to-private-endpoints-with-azure-functions/ba-p/1426615
>
> Please check and let us know if this helps.

Hi, yes, Private Link works. The issue is when I try to use the new NSG support for Private Link on the storage account set in the AzureWebJobsStorage variable.

https://azure.microsoft.com/en-us/updates/public-preview-of-private-link-network-security-group-support/

https://docs.microsoft.com/en-us/azure/private-link/disable-private-endpoint-network-policy

With "privateEndpointNetworkPolicies": "Disabled" on the private link subnet for the storage account, Functions works OK, but with "privateEndpointNetworkPolicies": "Enabled" the functions are unable to connect to the storage account when starting the Timer Trigger, and this crashes the Functions runtime.

Also, this is using an App Service plan with VNet integration.

Other uses of Private Link with NSG seem to work OK, such as Cosmos DB, Key Vault, blob storage, etc.

My question is, is this a supported feature or not? Or are there any strange rules that need to be set in the NSG to allow the connection through that are not documented somewhere?
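An added example (not part of the comment above, and not code from the azure-functions-host project): a simplified offline model of how inbound NSG rules apply to a flow toward a private endpoint when `privateEndpointNetworkPolicies` is `Enabled` versus `Disabled`. All addresses, rule names and priorities are constructed; the built-in VirtualNetwork rule is approximated by a CIDR, and only `*`, CIDR prefixes and single ports are modelled.

```python
import ipaddress

# Simplified stand-ins for Azure's built-in inbound defaults (assumption: the
# VirtualNetwork service tag is approximated here by the VNet CIDR 10.0.0.0/16).
DEFAULT_RULES = [
    {"name": "AllowVnetInBound", "priority": 65000, "access": "Allow",
     "source": "10.0.0.0/16", "dest": "10.0.0.0/16", "port": "*"},
    {"name": "DenyAllInBound", "priority": 65500, "access": "Deny",
     "source": "*", "dest": "*", "port": "*"},
]

# Constructed custom rules on the private endpoint subnet (10.0.2.0/24):
# one storage endpoint IP is allowed from the integration subnet, the rest is denied.
CUSTOM_RULES = [
    {"name": "AllowAppToStorage443", "priority": 100, "access": "Allow",
     "source": "10.0.1.0/24", "dest": "10.0.2.5/32", "port": "443"},
    {"name": "DenyVnetToPeSubnet", "priority": 200, "access": "Deny",
     "source": "10.0.0.0/16", "dest": "10.0.2.0/24", "port": "*"},
]


def _in_prefix(prefix, ip):
    """True if ip falls inside prefix; '*' matches any address."""
    return prefix == "*" or ipaddress.ip_address(ip) in ipaddress.ip_network(prefix)


def evaluate_inbound(policy, rules, src_ip, dst_ip, port):
    """Return (decision, rule_name) for a flow to a private endpoint IP."""
    if policy == "Disabled":
        # Network policies disabled: NSG rules are not applied to this traffic.
        return "Allow", "nsg-not-applied"
    # Policies enabled: lowest priority number wins, first match decides.
    for rule in sorted(rules + DEFAULT_RULES, key=lambda r: r["priority"]):
        if (_in_prefix(rule["source"], src_ip)
                and _in_prefix(rule["dest"], dst_ip)
                and rule["port"] in ("*", str(port))):
            return rule["access"], rule["name"]
    return "Deny", "no-match"


if __name__ == "__main__":
    # 10.0.1.4 = constructed worker address in the VNet integration subnet.
    for dst in ("10.0.2.5", "10.0.2.6"):
        for policy in ("Disabled", "Enabled"):
            print(policy, dst, evaluate_inbound(policy, CUSTOM_RULES, "10.0.1.4", dst, 443))
```

Running the same check against the effective rules exported from the real subnet shows which rule decides each flow once the policy is switched to `Enabled`.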

v-bbalaiagar commented 2 years ago

Hi @chrish434, Thank you for the update. We will check for the possibilities internally and update you with the findings.

ghost commented 2 years ago

This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment.

v-bbalaiagar commented 2 years ago

Hi @mattchenderson, Could you please look into this issue?