Hello @Sanjay Singh ,
Thanks for reaching out to Microsoft Q and A platform.
Please find the details regarding the query you have raised.
2. Coming to the query, you need to use AI vision service, API to extract the Data from AWS database and with the same making use of Application Gateway.
3. Application Gateway:
Backends supported by the application gateway: Application gateway components | Microsoft Learn
· NICs
· Virtual machine scale sets
· Public IP addresses
· Internal IP addresses
· FQDN
· Multitenant backends (such as App Service)
4. So, we can’t add Azure AI vision service directly as a backend pool, but you could add a FQDN which is the Endpoint of the “Custom Vision”.
5. But here the issue is that, you visualize the “Custom Vision” resource created via https://www.customvision.ai/ which would indeed make use of the resource created.
6. Layering of the Application Gateway for this scenario has not been documented. But if you are worried about the security of the AI vision endpoint, please do consider the below option:
|Virtual
networks|Virtual networks allow you to
specify which endpoints can make API calls to your resource. The Azure
service will reject API calls from devices outside of your network. You can
set a formula-based definition of the allowed network, or you can define an exhaustive
list of endpoints to allow. This is another layer of security that can be
used in combination with others.|
| -------- | -------- |
||
7. Document:
https://learn.microsoft.com/en-us/azure/ai-services/security-features#security-features
Configure Virtual Networks for Azure AI services - Azure AI services | Microsoft Learn
So, since the visualization done via the https://www.customvision.ai/ project, at this time am not seeing any ready architecture which would make all the calls to go via the Application gateway. I would encourage you to re-analyze the requirement.
Current flow is : https://www.customvision.ai/ è Having a project with the “Custom View” è which would make the API calls to get the details to visualize form.
ANSWER: Privately you could achieve this scenario by using “Private Endpoint” or “Service Endpoint”, without the use of “Application Gateway”.
Please do let me know if my understanding of your requirement is wrong. I would love to help you with more details.
Regards,
Priya Kumar