How to implement Functionapp with Service Bus in a private network setup ?

Question

Hello, I have an azure functionapp which picks up messages from an Azure Service Bus. The functionapp needs to be set in a private network setup meaning, it is vnet integrated with a delegated subnet, and has a private endpoint in the default subnet. Also the storage account to which connects has 4 private endpoints (blob,file,queue,table) in the default subnet, and it connects with it via managed identity. The main goal is to have everything public disabled and only accessible inside from the virtual network. For the Service Bus I see that I can implement it with an private endpoint and configure it's private dns zone so probably I would be able to resolve it from the functionapp (if I try it from kudu with nslookup) but my question is what configuration needs to be done so it can access the service bus via the private endpoint and not via the public endpoint with the shared access key (connection string) ? Is there any specific app setting for the functionapp that defines how to access the service bus ?

Answer 1

@Ceci Ivanov Thanks for reaching out.

To answer this "what configuration needs to be done so it can access the service bus via the private endpoint and not via the public endpoint with the shared access key (connection string)"

Your function app would have the app settings SERVICEBUS_CONNECTION that should now point to private DNS endpoint name for your service bus.

Key: SERVICEBUS_CONNECTION Value: <your-service-bus-namespace-name>.privatelink.servicebus.windows.net

Note: Please use the same key that you have defined for your service bus binding and not as per the above example.

To know more about service bus private endpoint please refer to this document and to learn azure function with private endpoint please refer to this document.

Let me know if I misunderstood your ask or you need any assistance.

Please click on 'Yes' if it helped so that it can help others in the community looking for help on similar topics.