gpt4 book ai didi

web-services - 如何使用网络安全组仅允许我的 Web 应用程序与我的 Web 服务通信

转载 作者:行者123 更新时间:2023-12-02 23:49:12 26 4
gpt4 key购买 nike

我已经获得了我需要的所有资源。我将 Web 服务放入应用程序服务环境中,然后将 NSG 连接到应用程序服务环境使用的子网。然后,我允许 VNET 内的应用程序与 Web 服务进行通信,但它无法正常工作。我到底需要什么安全规则?

最佳答案

您可能想要一个ILB ASE相反,如果您只关心从虚拟网络内部访问应用服务环境,那么通过 VIP(公共(public) IP)公开您的应用服务环境是没有意义的。

来自https://azure.microsoft.com/en-us/documentation/articles/app-service-environment-with-internal-load-balancer/ :

An ASE can be deployed with an internet accessible endpoint or with an IP address in your VNet. In order to set the IP address to a VNet address you need to deploy your ASE with an Internal Load Balancer(ILB).

When your ASE is configured with an ILB you provide:

  • your own domain or subdomain. but you can configure it either way.
  • the certificate used for HTTPS
  • DNS management for your subdomain

In return, you can do things such as:

  • host intranet applications, like line of business applications, securely in the cloud which you access through a Site to Site or ExpressRoute VPN
  • host apps in the cloud that are not listed in public DNS servers
  • create internet isolated backend apps which your front end apps can securely integrate with

关于web-services - 如何使用网络安全组仅允许我的 Web 应用程序与我的 Web 服务通信,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/39833242/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com