Hello, welcome to MS Q&A
To query Azure Cosmos DB via a private endpoint from a web app, you need to set up a private endpoint for both the Cosmos DB and the web app. The private endpoint for the web app allows it to connect securely to the Cosmos DB over a private link, ensuring that the traffic does not traverse the public internet.
To connect a static web app to a CosmosDB instance via a private endpoint, you need to follow these steps:
- Ensure your static web app is on the Standard hosting plan: Private endpoints are only available for this plan.
- Create a private endpoint for your static web app:
  - In the Azure portal, open your static web app.
  - Select the "Private Endpoints" option from the side menu and click "Add."
  - Fill in the required information, including the name, subscription, virtual network, and subnet.
  - Ensure that the option to integrate with a private DNS zone is set to "Yes."
- Configure DNS settings: Ensure that the hostname of your static web app resolves to the private IP address of the private endpoint.
- Create a private endpoint for your CosmosDB instance:
  - In the Azure portal, open your CosmosDB account.
  - Select the "Private Endpoint Connections" option from the side menu and click "Add."
  - Fill in the required information, including the name, subscription, virtual network, and subnet.
  - Ensure that the option to integrate with a private DNS zone is set to "Yes."
- Configure DNS settings for CosmosDB: Ensure that the hostname of your CosmosDB instance resolves to the private IP address of the private endpoint.
- Update your application configuration: Ensure that your application is configured to use the private IP addresses for both the static web app and CosmosDB instance.
By following these steps, your static web app will be able to access the CosmosDB instance securely through the private endpoint.
References:
- Configure private endpoint in Azure Static Web Apps
- Quickstart: Create a private endpoint by using the Azure portal
- Enable Private access in Azure Cosmos DB for MongoDB vCore
- Configure Azure Private Link for an Azure Cosmos DB account
- Use private endpoints for access control
Please let us know if you have any further questions.
Kindly accept if it helps
Thanks
Deepanshu
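
The DNS steps in the answer above can be verified from a machine inside the virtual network. The following is an added example, not part of the original answer: it checks that a hostname resolves only to addresses inside the subnet chosen for the private endpoint. The hostnames, subnet and addresses are constructed sample values, and `check_private_resolution` and `constructed_resolver` are hypothetical helper names.

```python
import ipaddress
import socket


def resolve(hostname):
    """Return the set of IP addresses the local resolver gives for hostname."""
    try:
        infos = socket.getaddrinfo(hostname, 443, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}


def check_private_resolution(hostname, subnet_cidr, resolver=resolve):
    """Classify a hostname by where its DNS answers point.

    Returns (status, offending_addresses):
      "private"    - every answer lies inside the private endpoint subnet
      "not-private" - at least one answer lies outside it, so traffic may
                      leave through the public endpoint
      "unresolved" - no answer (DNS zone not linked, or record missing)
    """
    subnet = ipaddress.ip_network(subnet_cidr)
    addrs = {ipaddress.ip_address(a) for a in resolver(hostname)}
    if not addrs:
        return "unresolved", []
    outside = sorted(str(a) for a in addrs if a not in subnet)
    if outside:
        return "not-private", outside
    return "private", []


# Constructed sample data standing in for live DNS answers, so the
# example runs offline. Replace with the default resolver in real use.
CONSTRUCTED_ANSWERS = {
    "contoso-db.documents.azure.com": {"10.1.2.5"},       # private zone linked
    "fabrikam-db.documents.azure.com": {"203.0.113.10"},  # still public
}


def constructed_resolver(hostname):
    return CONSTRUCTED_ANSWERS.get(hostname, set())


if __name__ == "__main__":
    subnet = "10.1.2.0/24"  # assumed private endpoint subnet
    for host in list(CONSTRUCTED_ANSWERS) + ["missing.documents.azure.com"]:
        print(host, check_private_resolution(host, subnet, constructed_resolver))
```

Calling `check_private_resolution(hostname, subnet_cidr)` without the third argument uses the machine's own resolver, which is the check that matters when run from inside the virtual network.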