Connect Azure Front Door Premium to a Web App origin with Private Link
This article will guide you through how to configure Azure Front Door Premium SKU to connect to your Web App privately using the Azure Private Link service.
Prerequisites
- An Azure account with an active subscription. Create an account for free.
- Create a Private Link service for your origin web servers.
Note
Private Endpoint is available in public regions for PremiumV2-tier, PremiumV3-tier Windows web apps, Linux web apps, and the Azure Functions Premium plan (sometimes referred to as the Elastic Premium plan).
Sign in to Azure
Sign in to the Azure portal.
Enable Private Link to a Web App in Azure Front Door Premium
In this section, you'll map the Private Link service to a private endpoint created in Azure Front Door's private network.
Within your Azure Front Door Premium profile, under Settings, select Origin groups.
Select the origin group that contains the Web App origin you want to enable Private Link for.
Select + Add an origin to add a new web app origin or select a previously created web app origin from the list.
For Select an Azure resource, select In my directory. Select or enter the following settings to configure the site you want Azure Front Door Premium to connect with privately.
Setting Value Region Select the region that is the same or closest to your origin. Resource type Select Microsoft.Web/sites. Resource Select myPrivateLinkService. Target sub resource sites Request message Customize message or choose the default. Then select Add to save your configuration.
Approve Azure Front Door Premium private endpoint connection from Web App
Go to the Web App you configure Private Link for in the last section. Select Networking under Settings.
In Networking, select Configure your private endpoint connections.
Select the pending private endpoint request from Azure Front Door Premium then select Approve.
Once approved, it should look like the screenshot below. It will take a few minutes for the connection to fully establish. You can now access your web app from Azure Front Door Premium. Direct access to the Web App from the public internet gets disabled after private endpoint gets enabled.
Next steps
Learn about Private Link service with Azure Web App.