Access database behind Azure firewall from Logic App in Consumption Plan

Question

Hi there,

I am designing a solution which would require to execute database query on a vendor database which is behind azure firewall. There would probably be IP white-listing enabled on the firewall.

The database would be in a different azure tenancy(Azure AD), owned by the vendor.

We currently have limited usage of Logic Apps, so Integration Service Environment(ISE) does not justify the cost.

Another solution would probably be using the Function app/Web app and use the App service hosting plan which has Virtual network support that channel the request to Azure Firewall from a specific range of IP addresses allocated to Virtual network. We also code for database query execution in function app/web app. It looks like a lengthy solution to me. I am also looking for validation from experts if that's even workable solution

If you can suggest a simpler approach that will get Great.

Thanks.

Regards,

Umair

Answer 1

Hello Umair,

The simplest approach would be to allow Logic App IP address in database Firewall.

The IP addresses that Azure Logic Apps uses for incoming and outgoing calls depend on the region where your logic app exists. All logic apps that are in the same region use the same IP address ranges.

You can learn more about Firewall configuration Logic App here.

Answer 2

One of the approaches is to whitelist Azure Logic Apps regional IPs, but this will expose the database to any logic apps in that region.

The firewall config information can be found here