Azure Web Apps (App Services – Integration) – Part 1

Azure Web App Integration:

Integration consists of the following methods:

  • Azure vNET integration
  • Hybrid Connectivity Manager (HCM)
  • App Service Environment (ASE)

 

Important notes about Azure vNET integration:

If the vNET has a coexisting gateway (S2S VPN + Express Route), it won’t work as long as the Express Route Gateway is there. It’s compatible only if your vNET has a VPN Gateway only.  Alternative methods are to use ASE or Hybrid Connectivity Manager

 

A bit more about HCM in terms of security:

 

Hybrid Connections provide a way to connect your Web and Mobile Apps features in Azure App Service:

hcmdiag

 

Secure Access:

 

  • Web Apps and Mobile Apps can access existing on-premises data and services securely.
  • Multiple Web Apps or Mobile Apps can share a Hybrid Connection to access an on-premises resource.
  • Minimal TCP ports are required to access your network.
  • Applications using Hybrid Connections access only the specific on-premises resource that is published through the Hybrid Connection.
  • Can connect to any on-premises resource that uses a static TCP port,

 

Authorisation

  • Hybrid Connections use Shared Access Signature (SAS) authorization to secure the connections from the Azure applications and the on-premises Hybrid Connection Manager to the Hybrid Connection.
  • Separate connection keys are created for the application and the on-premises Hybrid Connection Manager. These connection keys can be rolled over and revoked independently.
  • Hybrid Connections provide for seamless and secure distribution of the keys to the applications and the on-premises Hybrid Connection Manager.

 

porttable

Useful Links:

Access on-premises resources using hybrid connections in Azure App Service

 

Hybrid Connection error with SQL Server: System.OverflowException: Arithmetic operation resulted in an overflow