Home > Net >  Can Azure Service Bus be exposed both as public as well as private end point?
Can Azure Service Bus be exposed both as public as well as private end point?

Time:02-01

I have a requirement where one of our customers wants to interact with our service bus through a VPN. So, I figured out that the VPN can be set up and enable a private endpoint in the service bus which can be linked to the same virtual network as the VPN virtual network. By doing this the customer can talk to the Azure Service Bus through the VPN connection(please correct me if this is also not possible). But, doing so will shut the communication to the Azure Service bus via the internet which the other customers are already using. Is there a way to satisfy both customers in Azure?

CodePudding user response:

The short answer is that you can run both public network access and private endpoint at the same time. This goes for other PaaS services as well.

https://learn.microsoft.com/en-us/azure/service-bus-messaging/private-link-service

If you Disable the public network access, then you restrict all traffic to the service bus namespace over private endpoint only.

You should use Selected networks for optimal security, so other people can still continue to use it. Private Endpoint should be seen as how externals can communicate to the PaaS service. Many Azure services are dependent on the public endpoint thus disabling that will break functionality.

NB: The service bus namespace must be Premium.

  • Related