Home > database >  Subnet to subnet peering in azure
Subnet to subnet peering in azure

Time:09-07

We have our application and database in different VNETs in different subscription. Also we have different environments (Pre-Production and Production). Currently the database for PROD and PRE-PROD is in different subnet but same VNET.

I see we can have peering at VNET level. We want the peering between the application and database at subnet level so that PRE-PROD application should not be able to connect to PROD database and vice-versa.

CodePudding user response:

From Microsoft documentation:

Azure routes traffic between all subnets within a virtual network, by default. You can create your own routes to override Azure's default routing.

enter image description here

This approach is described here: https://docs.microsoft.com/en-us/azure/architecture/framework/security/design-network-segmentation

You would want to create one NSG per subnet, make a rule to block all inbound traffic and then allow only traffic that is required. Note that NSG's are stateful, so you do not need to specify outbound rules for your traffic. Also make sure you apply the rules in the right order from top to bottom. The rule with the lowest id is applied first.

Page link:https//www.codepudding.com/database/536734.html

Prev:Javascript array to string returning in a function
Next:MAP Nested JSON using rest API in Azure Data Factory using for each Iterator through a stored proced
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding