Hi revanth kumar,
This design is depending on the comunication from Internal (Onpremise) network and azure virtual network, There are many options and here’s a high-level design for two possible escenaries :
Connection thorught VPN to azure
+----------------+ +-----------------+ +-----------------+ +-----------------+
| | | | | | | |
| External | | Azure API | | Internal | | Django API |
| Client | --> | Management | --> | Network(FW) | --> | & Database |
| | | (API Gateway) | | (VNet/VPN) | | |
+----------------+ +-----------------+ +-----------------+ +-----------------+
Considerations:
- API Gateway Setup: Use Azure API Management.
- Internal Deployment: Deploy Azure API Management instance to a virtual network in internal mode.
- Connect to Internal Servers: Use internal mode on API Management and the VNet. Route all internal traffic via VNets/VPN. For external traffic, use a Web Application Firewall (WAF) with VNet User Defined Routes (UDR).
- Database Connection: API and Database in the same network it doesn't require additional config
- Django API: Set up your Django API to accept calls under certain patterns.
Insight: You might also need to consider aspects like security, scalability, and maintainability while designing your solution in the other azure services.
Connection thorught Firewall publishing APIs
+----------------+ +-----------------+ +-----------------+ +-----------------+
| | | | | | | |
| External | | Azure API | | Firewall | | Django API |
| Client | --> | Management | --> | (Public Access)| --> | & Database |
| | | (API Gateway) | | | | |
+----------------+ +-----------------+ +-----------------+ +-----------------+
Considerations:
- API Gateway Setup: Use Azure API Management.
- Connect to Internal Servers: The API Gateway forwards the request to the Firewall (which allows public access or white-list access). The Firewall then sends the request to the Django API & Database.
- Database Connection: API and Database in the same network it doesn't require additional config
- Django API: Set up your Django API to accept calls under certain patterns.
Insight: It’s important to ensure that the APIs are secure and that the firewall is properly configured to only allow authorized traffic
Additional references:
- https://learn.microsoft.com/en-us/azure/architecture/microservices/design/gateway
- https://learn.microsoft.com/en-us/azure/api-management/api-management-using-with-internal-vnet?tabs=stv2
- https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-integrate-internal-vnet-appgateway
Let me know if this help you.
Luis,
If the information helped address your question, please Accept the answer.