It can be any SaaS services that able to connect to a backend database service. In our specific case its Sas Viya.
Hub spoke architecture public access
I am hoping to get a conformation about a best practice concearning the hub spoke architecture.
We have a hub spoke architecture. It has a expressroute connection between the onprem network and Azure. The er gateway is in the hub network, so is a Azure Firewall. We have (sofar) 1 spoke network. In it is a azure private link to Synapse Analytics. Public access to Synapse is disabled, so its only available through its private ip through the hub spoke model. Now we have a SaaS service in Azure that needs to communicate with Synapse Analytics. The best way, we think, is through the Azure Firewall using its public ip and then perform a dnat action. Since the SaaS service and Azure firewall are on Azure, their public ip communication stays on the ms network. I would like to know if the above setup is indeed the best practise.
Hello @C.J. Vieleers , Thank you for reaching out and apologies for the delayed response here. Can you please let us know which SaaS service you are using? so that we can comment on the architecture.
Sign in to comment
Sort by: Most helpful