How do I configure an inbound NAT rule in Azure Firewall to point at an Azure Container App?

Christopher Febles 0 Reputation points
2024-10-14T15:43:46.87+00:00

The instructions to filter inbound traffic uses a Virtual Machine with a private IP address. If I set up a Container Apps Environment with a subnet and a Container App with VNet only ingress, the Container App replica doesn't have a private IP available. If I point the NAT rule at the Container App Environment's private IP address, requests aren't routed correctly to the Container App.

I'm using Terraform, but I've also tried creating the NAT rule with the CLI - I attempted to point at the --translated-fqdn of the Container App instead of the Container App Environment's IP address. This didn't seem to work either.

Is there any way to accomplish this?

Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
685 questions
Azure Container Apps
Azure Container Apps
An Azure service that provides a general-purpose, serverless container platform.
458 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.