I have an Azure Web App connecting to a SQL FO Group at the moment, using the Read/Write Listener of the SQL FO group connection string. I would like to use Private Link with Private Endpoint for the SQL DBs. So my Web App has to be enabled for Regional VNET integration, if I am not wrong. I would like to know whether I need to create two private endpoints per Server or not for my Web App to work correctly if there is a failover of the SQL Database from primary to secondary.
I am following this URL:
https://docs.microsoft.com/en-us/azure/architecture/example-scenario/sql-failover/app-service-private-sql-multi-region#alternatives
I am using Terraform for provisioning infrastructure.
So I would like to know if I have to specify one SQL Private Link for the two private endpoints or not:

resource "azurerm_private_endpoint" "sql-primary-endpoint" {
  name                = module.names-pvt-endpoint.location.private_endpoint.name_unique
  location            = var.resource_group_location
  resource_group_name = var.resource_group_name
  subnet_id           = data.azurerm_resources.sub-net.id

  private_service_connection {
    name                           = "sql-primary-connection"
    private_connection_resource_id = azurerm_private_link_service.sql-pvt-link.id
    is_manual_connection           = false
  }
}

resource "azurerm_private_endpoint" "sql-secondary-endpoint" {
  name                = module.names-pvt-endpoint-secondary.location.private_endpoint.name_unique
  location            = "eastus2"
  resource_group_name = var.resource_group_name
  subnet_id           = data.azurerm_resources.sub-net.id

  private_service_connection {
    name                           = "sql-secondary-connection"
    private_connection_resource_id = azurerm_private_link_service.sql-pvt-link.id
    is_manual_connection           = false
  }
}