How do I setup my Azure Container Instance to access my On-prem SQL data securely

Question

How do I setup my Azure Container Instance to access my On-prem SQL data securely

Vikneeshwaran K 20

I need to ensure that my Azure Container Instances (ACI) have secure connectivity to access data from my on-premises server, with both inbound and outbound communication. All communication should occur over private networks, without any public access. Please provide a solution to achieve this setup.

KapilAnanth 49,876 Reputation points Moderator

2024-09-17T08:55:33.8133333+00:00
@Vikneeshwaran K ,

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

I see TP has suggested the use of Virtual Network Integration as mentioned here : Deploy container instances into an Azure virtual networkPlease note that VNET Integration helps the PaaS Service communicate securely with other resources in the virtual network (private network of your Azure and on-premises resources)

For more info, review Virtual network scenarios and resources

Make sure the firewall allows all ip addresses within the virtual network, for inbound connections

Review the limitations section thoroughly

Kindly let us know if this helps or you need further assistance on this issue.

Thanks,

Kapil

Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

Answer accepted by question author

0 additional answers

Your answer

KapilAnanth 49,876 Reputation points Moderator

2024-09-17T08:55:33.8133333+00:00

@Vikneeshwaran K ,

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

I see TP has suggested the use of Virtual Network Integration as mentioned here : Deploy container instances into an Azure virtual networkPlease note that VNET Integration helps the PaaS Service communicate securely with other resources in the virtual network (private network of your Azure and on-premises resources)

For more info, review Virtual network scenarios and resources

Make sure the firewall allows all ip addresses within the virtual network, for inbound connections

Review the limitations section thoroughly

Kindly let us know if this helps or you need further assistance on this issue.

Thanks,

Kapil

Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

Answer 1

TP 157K Volunteer Moderator

Hi,

When creating your container instance you may choose to connect it to a Virtual Network (VNet) where it will have a private IP address. You may use Azure VPN Gateway to connect this VNet to your on-premises network using Site-to-Site connection.

qna aci private vnet

Tutorial: Create a site-to-site VPN connection in the Azure portal

https://learn.microsoft.com/en-us/azure/vpn-gateway/tutorial-site-to-site-portal

It costs more and will take longer to get set up, but an even better option would be Azure ExpressRoute. If you want you could start with S2S VPN connection via your Internet connection and switch to ExpressRoute later if needed.

Once you have one of the above options configured your ACI will be able to securely connect to your on-premises network (and SQL server residing on this network).

Please click Accept Answer and upvote if the above was helpful.

Thanks.

-TP

TP 157K Reputation points Volunteer Moderator

2024-09-19T17:31:40.74+00:00

@Vikneeshwaran K Any update?
Vikneeshwaran K 20 Reputation points

2024-09-19T17:34:15.6566667+00:00

Thanks, we used express route for this

Share via

How do I setup my Azure Container Instance to access my On-prem SQL data securely

0 additional answers

Your answer