microsoft / azure-container-apps

Roadmap and issues for Azure Container Apps
MIT License

Feature Request: Disable ingress at the App Service Environment level #1165

Open shaunpearsondev opened 1 month ago

shaunpearsondev commented 1 month ago

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is

Adding a container app environment to a VNET creates a load balancer, which I do not need, as my application is reading from a queue and sending HTTP calls, so no ingress is required.

The reason I need to add the ASE to the VNET is so I can have a static egress IP via NAT Gateway.

Describe the solution you'd like.
A clear and concise description of what you want to happen, any scenarios it will unblock, etc.

Add the option to turn off ingress at the container app environment level and have this filter down to the apps below

This should also not create the load balancer to save costs

Describe alternatives you've considered.
A clear and concise description of any alternative solutions or features you've considered.

Running outside the VNET but the clients I am working with require IP restrictions

cachai2 commented 4 weeks ago

Hi @shaunpearsondev, is this a feature request on Azure Container Apps or on Azure App Service Environments? These are two different products. If this is feedback for Azure App Service Environments, please let me know, and I can pass it on.

In Azure Container Apps, environments are created with a load balancer. However, we provide the ability to disable the public endpoint for the load balancer, so it's only accessible from your VNet, as well as disable ingress for each application, so they are only accessible by other apps in the environment. In full transparency, the load balancer handles core layer 4 networking capabilities for the ACA Environment, so it's something we most likely won't remove. However, I can add it to the backlog as a feature request if the above don't satisfy your requirements.
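The two settings described in the comment above, sketched in Bicep as an added example (not part of the thread and not Microsoft's own code). The resource names, the image placeholder, the API version and the existing subnet are assumptions.

```bicep
// Added example: internal-only environment plus a worker app with ingress disabled.
// All names, the image placeholder and the API version are assumptions.
param location string = resourceGroup().location

@description('Resource ID of an existing subnet for the environment (assumed to exist).')
param infrastructureSubnetId string

resource env 'Microsoft.App/managedEnvironments@2023-05-01' = {
  name: 'worker-env' // hypothetical name
  location: location
  properties: {
    vnetConfiguration: {
      infrastructureSubnetId: infrastructureSubnetId
      // No public endpoint: the environment's load balancer gets a
      // private frontend reachable only from inside the VNet.
      internal: true
    }
  }
}

resource worker 'Microsoft.App/containerApps@2023-05-01' = {
  name: 'queue-worker' // hypothetical name
  location: location
  properties: {
    managedEnvironmentId: env.id
    configuration: {
      // No 'ingress' block: the app exposes no HTTP or TCP endpoint.
      activeRevisionsMode: 'Single'
    }
    template: {
      containers: [
        {
          name: 'worker'
          image: '<registry>/<worker-image>:<tag>' // placeholder
          resources: {
            cpu: json('0.25')
            memory: '0.5Gi'
          }
        }
      ]
      scale: {
        minReplicas: 1
        maxReplicas: 1
      }
    }
  }
}
```

The load balancer is still created with this template; the settings only remove the public frontend and the per-app endpoint.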

shaunpearsondev commented 3 weeks ago

Hi @cachai2,

This would be for Azure Container Apps. Understood on the layer 4 networking requirement, but it just seems odd that the load balancer only appears once the ACA environment is added to a VNET.

I would love to use ACA for purely worker services (with a fixed IP for egress), so having any type of ingress is not desirable, and disabling this at the environment level would be preferred, so if you could add to the backlog to discuss, that would be amazing.

Thanks