Deploy two App Services - Front web app with VNet injection and Back web app with a Private Endpoint
This deploys a secure front end - back end web app. The front end web app is plugged in a subnet with the feature regional VNet integration enabled. Settings are set to consume a DNS private zone. The backend web app is only exposed through a private endpoint.
It will create a VNet, two subnets, one where your Private Endpoint will exist, the second where you will inject the front web app, an App Service Plan in PremiumV2 tier (mandatory for Private Endpoint), a Private Endpoint, settings for DNS queries to the DNS Private Zone, and a private DNS zone with record for the Private Endpoint.
Prerequisites
Optional config params
virtualNetworkCIDR
- CIDR range for the vnet (defaults to10.200.0.0/16
)backendCIDR
- subnet CIDR range for the backend (defaults to10.200.1.0/24
)frontendCIDR
- subnet CIDR range for the frontend (defaults to10.200.2.0/24
)
Steps
After cloning this repo, from this working directory, run these commands:
Create a new stack, which is an isolated deployment target for this example:
$ pulumi stack init dev
Set the Azure region location to use:
$ pulumi config set azure-native:location westus2
Next, install the dependencies:
$ npm install
Stand up the cluster by invoking pulumi
$ pulumi up