Custom Domain for Private App Service

Neal, Tom 125 Reputation points
2023-09-06T20:14:19.73+00:00

We currently have a number of app services that are privately networked, with private endpoints and private dns configured to allow the websites to resolve on their <app_name>.privatelink.azurewebsites.net address. As we move to production we were wondering whether it is possible to utilise a custom domain within this private scenario? So rather than utilising the privatelink address can we utilise something such as <app_name>.<subdomain>.<company_name> within this private setting? So the custom domain address would resolve to the private IP of the web app. I’ve seen numerous ways of how to do this via public DNS for apps that are publicly accessible but am unsure whether this is possible when your apps are purely private.

Azure App Service

Accepted answer
  1. brtrach-MSFT 16,431 Reputation points Microsoft Employee
    2023-09-07T01:00:00.4433333+00:00

    @Neal, Tom For multi-tenant App Services, you can use a custom domain with a private endpoint. Here are the general steps to follow:

    1. Create a private endpoint: Create a private endpoint for your App Service. You can do this in the Azure portal or using Azure CLI.
    2. Create a private DNS zone: Create a private DNS zone for your custom domain. You can do this in the Azure portal or using Azure CLI.
    3. Create DNS records: Create DNS records in the private DNS zone that point to the private IP address of your private endpoint. You can create an A record that points to the private IP address of your private endpoint, and optionally create a CNAME record that points to the A record.
    4. Link the private DNS zone to your virtual network: Link the private DNS zone to your virtual network that is hosting your private endpoint. You can do this in the Azure portal or using Azure CLI.
    5. Configure your App Service to use the custom domain: Configure your App Service to use the custom domain by adding the custom domain to the App Service's custom domains list. You can do this in the Azure portal or using Azure CLI.

    Once you have completed these steps, you should be able to access your App Service using the custom domain you have configured. The custom domain will resolve to the private IP address of your private endpoint, allowing you to access it privately.


1 additional answer

  1. irshad ahmed 411 Reputation points
    2024-09-25T10:37:26.55+00:00
    1. For an app service created under an ILB ASE (the suffix would be appserviceenvironment.net), you can just configure the DNS record in the private DNS zone; there is no need to create a TXT DNS record on public DNS.
    2. But for an app service created under multi-tenant (public stamp), you need to configure the TXT record on the public DNS zone to prove that you have control of your custom domain; this step is required.
    3. And you can remove the TXT record from the public DNS zone if needed.
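
Steps 2 to 5 of the accepted answer, together with the TXT verification lookup mentioned in the additional answer, as an added Azure CLI example that is not part of either answer. It assumes the private endpoint already exists, as in the question; every resource name, the zone and the IP are hypothetical placeholders, and commands are only printed unless `APPLY=1` is set.

```shell
# Added example: resource names, zone and IP below are hypothetical placeholders.
# Assumes the private endpoint (step 1) already exists and PE_IP is its private IP.
RG="${RG:-rg-example}"
APP="${APP:-app-example}"
VNET="${VNET:-vnet-example}"
ZONE="${ZONE:-apps.example.com}"   # custom domain hosted in the private DNS zone
RECORD="${RECORD:-app1}"           # host name becomes app1.apps.example.com
PE_IP="${PE_IP:-10.0.1.4}"

# Print each command; execute it only when APPLY=1 (dry run by default).
run() {
  printf '%s\n' "$*"
  if [ "${APPLY:-0}" = "1" ]; then "$@"; fi
}

# Guard: the A record must point at an RFC 1918 address, never a public one.
is_private_ipv4() {
  case "$1" in
    10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
    *) return 1 ;;
  esac
}

provision() {
  is_private_ipv4 "$PE_IP" || { echo "refusing: $PE_IP is not a private address" >&2; return 1; }
  # Step 2: private DNS zone for the custom domain.
  run az network private-dns zone create -g "$RG" -n "$ZONE" || return 1
  # Step 3: A record pointing at the private endpoint's IP.
  run az network private-dns record-set a add-record -g "$RG" -z "$ZONE" -n "$RECORD" -a "$PE_IP" || return 1
  # Step 4: link the zone to the VNet that hosts the endpoint (no auto-registration).
  run az network private-dns link vnet create -g "$RG" -n "link-$VNET" -z "$ZONE" -v "$VNET" -e false || return 1
  # Multi-tenant only: publish this ID as a TXT record named asuid.<host> in the
  # public DNS zone before step 5, so App Service can verify domain ownership.
  run az webapp show -g "$RG" -n "$APP" --query customDomainVerificationId -o tsv || return 1
  # Step 5: add the custom host name to the app.
  run az webapp config hostname add -g "$RG" --webapp-name "$APP" --hostname "$RECORD.$ZONE" || return 1
}

# Invoke as: sh script.sh plan          (prints the commands)
#        or: APPLY=1 sh script.sh plan  (runs them with an authenticated az)
if [ "${1:-}" = "plan" ]; then provision; fi
```

For an ILB ASE app the `az webapp show` lookup can be skipped, since the additional answer notes that no public TXT record is needed there.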