Communication between Azure resources in same data center.

Somnath Shukla 411 Reputation points
2021-01-06T15:09:53.027+00:00

Let's say I have a blob storage account, secure and publicly accessible. And I am accessing the storage from an AKS pod. Both resources are in the same region, NEU.
My question is: can I assume communication between these two resources will be private within the Azure network?
How does communication happen between two data centers in the same region: through the public network or the Azure private network?
Is there any documentation for the same?
The question is the same for SQL Database, Redis Cache, Service Bus, etc.

Note: Here I have not enabled the private network.

Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.

Accepted answer
  1. deherman-MSFT 33,141 Reputation points Microsoft Employee
    2021-01-06T19:59:03.243+00:00

    @Somnath Shukla
    Since the source and destination reside in the same region, the traffic will likely not leave the Microsoft network. I tested your scenario and found that a TCP traceroute to the blob endpoint showed only one hop. However, in order to improve security and ensure this is always the case, I recommend creating a private endpoint or granting access from a virtual network. The private endpoint uses an IP address from the VNet address space for your storage account service. Network traffic between the clients on the VNet and the storage account traverses over the VNet and a private link on the Microsoft backbone network, eliminating exposure from the public internet.

    I would recommend reading the documentation here for more information on how to best route traffic between services.

    Hope this helps. Let us know if you have further questions or issues.

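A check to run from the AKS pod once the private endpoint recommended in the accepted answer is in place, added here as an example and not part of the original thread: it resolves the storage hostname and reports whether the name maps to an address inside the VNet address space (the private endpoint) or to the service's public address. The account name and VNet CIDR are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress
import socket
import sys

# Constructed placeholders: substitute your storage account and VNet range.
BLOB_HOST = "examplestorageacct.blob.core.windows.net"
VNET_CIDRS = ["10.240.0.0/16"]


def classify(addresses, vnet_cidrs):
    """Classify resolved IPs against the VNet address space.

    'private-endpoint': every address is inside the VNet range.
    'public-endpoint' : no address is inside the VNet range.
    'mixed'           : some inside, some outside (inconsistent DNS).
    """
    if not addresses:
        raise ValueError("no addresses resolved")
    nets = [ipaddress.ip_network(c) for c in vnet_cidrs]
    inside = []
    for addr in addresses:
        ip = ipaddress.ip_address(addr.split("%")[0])  # drop any IPv6 scope id
        inside.append(any(ip in net for net in nets))
    if all(inside):
        return "private-endpoint"
    if not any(inside):
        return "public-endpoint"
    return "mixed"


def resolve(host, port=443):
    """Resolve with the pod's own DNS configuration, as the client would."""
    infos = socket.getaddrinfo(host, port, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def check(host, vnet_cidrs, resolver=resolve):
    """Return the host, its resolved addresses and the verdict."""
    addrs = resolver(host)
    return {"host": host, "addresses": addrs,
            "verdict": classify(addrs, vnet_cidrs)}


if __name__ == "__main__":
    host = sys.argv[1] if len(sys.argv) > 1 else BLOB_HOST
    cidrs = sys.argv[2:] or VNET_CIDRS
    result = check(host, cidrs)
    print(result)
    # Non-zero exit lets a CI job or init container fail on a public path.
    sys.exit(0 if result["verdict"] == "private-endpoint" else 1)
```

A `public-endpoint` verdict means the pod is addressing the service's public IP, not that packets necessarily cross the internet.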

