How to enable container app to talk to azure app service

Question

I am looking for a solution to have an internal Azure Container Apps environment (apps won't be exposed to the internet). that need to have inbound connections from other azure services such as App services which will require inbound and outbound from the container app exclusively to those selected resources only

(Sometime the services can be in a different azure tenant as well)

The solution must support the use of FQDN endpoints instead of IP addresses for service discovery. IP addresses will probably be dynamically assigned.

Assumption: internal Container App envs are scoped to their own private DNS zone, so the endpoint URLs are unknown outside this boundary.

Answer 1

Hi nikithakoshy,

Welcome to the Microsoft Q&A Platform! Thank you for asking your question here.

You need to use Azure Private Link.

Azure Private Link is a service that allows you to connect your Azure resources to a private endpoint in a virtual network. This provides a private connection to the service, bypassing the public internet.

Please follow the below steps:

1. Create a Private Endpoint:
   • In the Azure portal, navigate to the resource you want to connect to (e.g., Azure App Service).
   • Select "Private Link" and create a new private endpoint.
   • Choose a virtual network and subnet where your Container Apps environment resides.
   • Specify the private IP address range for the private endpoint.
2. Configure Container Apps:
   • In your Container Apps environment, configure the network settings to allow outbound connections to the virtual network where the private endpoint is located.
   • Use the private endpoint's FQDN in your Container Apps applications to connect to the Azure App Service.
   If you find this answer helpful, please click "Accept Answer" and kindly upvote it.