Overview

The Azure app service is a compute platform tailored for providing a front end for web apps. In terms of abstraction it lies in between a VM and Server-less options. That's sort of a nebulous description. To simplify the target user is more of a web developer who would rather focus on developing their webapp instead of patching VM's and micromanaging networking etc. Using the app service front end you can then leverage other Azure services to improve performance, reliability, and scalability.

App service Networking

The app service is designed to put your app online on HTTP/S as quickly as possible. By default the app is publicly accessible, unless you create access restrictions. Once you are in the Standard tier you will have access to VNet integration which allows secure access to backend resources. In tiers below most resources will be accessed with their public address. For example, a connection to an Azure MySQL server would traverse the internet to reach the database. Azure databases support TLS encryption, and you can limit connections to only your app service so it is possible to achieve a reasonable level of security. If you have specific regulatory considerations you might need to use the VNet integration. If you need to setup a fully isolated WebApp that is not accessible publicly you will need to setup an isolated app service environment.

Inbound and outbound IP addresses Your WebApp will have two sets of addresses that it uses to communicate.

  • Inbound virtual IP: The inbound virtual IP is the primary ingress point, and is used for configuring your A records in DNS.
  • Outbound addresses: These are used by the worker processes to send outbound traffic. It is typically a set of 7 addresses.
  • Possible Outbound: This is an extended range of addresses that may change if one of the following actions is performed
    1. Delete an app and recreate it in a different resource group.
    2. Delete the last app in a resource group and region combination and recreate it.
    3. Scaling up your app from (Basic, Standard, or Premium) to Premium V2