I have a VM running on Azure. On this VM I am running MariaDB. I am using An App Service to host my website. I want to connect my website to my database but don't want my database to be publically accessible.
Is this possible?
Asked
Active
Viewed 524 times
2 Answers
0
Yes. All you have to do is to integrate your App Service to the Virtual Network that you have your VM on. Here's an article explaining how to achieve this:
https://docs.microsoft.com/en-us/azure/app-service/web-sites-integrate-with-vnet
Bruno Faria
- 3,804
- 1
- 11
- 18
0
Yes it is possible. First, you need to choose appropriate App Service Plan which supports VNET. As of this answer, the only Isolated Service Plan (aka Azure App Service Environment) allows you to have your Web App inside a virtual network (VNET).
Your virtual machine running MariaDB needs to be in the same virtual network with the the App Service Plan. Otherwise you need to set up VPN integration.
Azure Service Environment has several decision considerations because its price is expensive. The cheapest costs $0.3/hour (around $213/month). First, App Service Environment is not aimed only for isolated VNET to work, it is for compute resource which is dedicated to handle your web application workload. For VNET capability, you can control inbound and outbound traffic with Network Security Group for your web application. A common scenario when App Service Environment is that you have an on-premises environment hosting business-critical databases which you don't want to move to the cloud, while you like to take advantages of scalability & high availability at front-end and application tiers from cloud computing.
I don't know how critical you are when having a VNET for your web application hosted in Azure App Service. If not, perhaps you'd consider establishing a DNS over the Internet for your MariaDB connection string and have some security implementations to control the connection
- Strong password which is hard to be guessed by brute-force technique.
- Use encryption with certificate over database connection string.
- Enable encryption at database level (if MariaDB supports).
EagleDev
- 171
- 5