How to connect to an Azure managed instance from a different VNet in hub and spoke?

Ijaz Muhammad 61 Reputation points
2024-06-19T08:10:55.1066667+00:00

My function app is in VNet A and MI is in VNet B. We use a hub and spoke topology.

Function app is in spoke A and MI is in spoke B. Public access to MI is disabled now. We have an Azure Firewall in the hub.

Azure SQL Database
Azure Functions
Azure Virtual Network

Accepted answer
  1. GeethaThatipatri-MSFT 28,852 Reputation points Microsoft Employee
    2024-06-19T15:30:42.75+00:00

    @Ijaz Muhammad, Gnrgy Welcome to Microsoft Q&A, and thanks for posting your question.

    To connect to an Azure Managed Instance (MI) from a different virtual network (VNet) in a hub and spoke topology, you can use Azure Private Link to create a private endpoint for the MI in your virtual network. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/private-endpoint-overview?view=azuresql&tabs=separate-vnets

    https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/connect-application-instance?view=azuresql

    If you're considering using an Azure application gateway as a shared resource in your network topology, it's usually best to deploy it in a spoke virtual network. I found a post with more information: https://learn.microsoft.com/en-us/answers/questions/1279885/azure-application-gateway-as-a-shared-resource-in

    For your specific scenario with Azure Firewall in the hub, you may need to create a route table for the spoke virtual network and configure the firewall policy for the hub virtual network. Check Here

    Regards

    Geetha

    1 person found this answer helpful.
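
Once the private endpoint or the routed path through the hub firewall described in the accepted answer is in place, the following added example (not part of the original thread and not Microsoft's code) checks from the function app's side that the MI host name resolves only to private addresses and accepts TCP connections on port 1433. The function names and the host name in the `__main__` block are hypothetical placeholders.

```python
import ipaddress
import socket

SQL_PORT = 1433  # port used by the MI VNet-local endpoint and by MI private endpoints


def classify_addresses(host, addresses):
    """Decide whether a resolved MI host name points at a private path.

    Returns (ok, reason). `addresses` is a list of IP strings from DNS.
    """
    if ".public." in host.lower():
        return False, "host name is the MI public endpoint, not the private one"
    if not addresses:
        return False, "host name did not resolve from this network"
    public = [a for a in addresses if not ipaddress.ip_address(a).is_private]
    if public:
        return False, "resolves to non-private address(es): " + ", ".join(public)
    return True, "resolves only to private address(es): " + ", ".join(addresses)


def resolve(host):
    """Return the distinct IP addresses DNS gives for host (empty list on failure)."""
    try:
        infos = socket.getaddrinfo(host, SQL_PORT, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def tcp_reachable(address, port=SQL_PORT, timeout=5.0):
    """True if a TCP handshake to address:port completes within timeout."""
    try:
        with socket.create_connection((address, port), timeout=timeout):
            return True
    except OSError:
        return False


def check_mi_path(host):
    """Run the DNS and TCP checks from the caller's network (e.g. the function app)."""
    addresses = resolve(host)
    ok, reason = classify_addresses(host, addresses)
    reachable = {a: tcp_reachable(a) for a in addresses} if ok else {}
    return {"host": host, "private_path": ok, "reason": reason, "tcp_1433": reachable}


if __name__ == "__main__":
    # Constructed placeholder name; substitute your instance's host name.
    print(check_mi_path("example-mi.0123456789ab.database.windows.net"))
```

A private address with `tcp_1433` false usually means DNS is correct but a route table entry or firewall rule on the path between the spokes is still missing.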