As we all work on leveraging PaaS services, we notice that their network security blades are similar to each other.
Since the inclusion of private endpoints for PaaS resources, it has been a relief to get PaaS internal to your network with a fixed internal IP address.
I was under the impression that when you add a private endpoint to a PaaS service, it automatically switches off public access, i.e. if a Joe Bloggs hacker has a key to your service, it is useless, as he/she needs to be inside the network first to be able to gain access.
But I was proven wrong by the following resources:
- Service Bus
- Event Hub
Even though the networking blade says "selected network" + private endpoint, the service is still open to the public until at least one IP address is added to its IP list 😭
I have raised this on UserVoice, asking to at least put a label on such services.
I have updated our service design. Have you considered it?
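One way to audit for this gap, as an added example that is not part of the original post: the check below flags namespaces whose rule set says "selected networks" but has no rules behind it. The input is constructed sample data; the field names (`defaultAction`, `publicNetworkAccess`, `ipRules`, `virtualNetworkRules`) are assumed to follow the ARM network rule set resource for Service Bus and Event Hubs, and counting a virtual network rule as equivalent to an IP rule is an assumption beyond what the post states.

```python
import json

# Constructed sample data, not output from a real subscription.
# Each entry pairs a hypothetical namespace name with its rule set properties.
SAMPLE = json.loads("""
[
  {"namespace": "sb-orders", "properties": {"defaultAction": "Deny",
    "publicNetworkAccess": "Enabled", "ipRules": [], "virtualNetworkRules": []}},
  {"namespace": "eh-telemetry", "properties": {"defaultAction": "Deny",
    "publicNetworkAccess": "Enabled",
    "ipRules": [{"ipMask": "203.0.113.10", "action": "Allow"}],
    "virtualNetworkRules": []}},
  {"namespace": "sb-billing", "properties": {"defaultAction": "Deny",
    "publicNetworkAccess": "Disabled", "ipRules": [], "virtualNetworkRules": []}},
  {"namespace": "eh-legacy", "properties": {"defaultAction": "Allow",
    "publicNetworkAccess": "Enabled", "ipRules": [], "virtualNetworkRules": []}}
]
""")


def classify(props):
    """Return (status, reason) for one rule set's properties."""
    # Missing fields are treated as the permissive value so gaps are not hidden.
    if props.get("publicNetworkAccess", "Enabled") == "Disabled":
        return "private-only", "public network access is disabled"
    if props.get("defaultAction", "Allow") == "Allow":
        return "public", "default action is Allow (all networks)"
    ip_rules = props.get("ipRules") or []
    vnet_rules = props.get("virtualNetworkRules") or []
    if not ip_rules and not vnet_rules:
        # The case from the post: "selected networks" with an empty rule list.
        return "public", "selected networks chosen but the rule list is empty"
    return "restricted", f"{len(ip_rules)} IP rule(s), {len(vnet_rules)} VNet rule(s)"


def audit(rule_sets):
    """Return (namespace, reason) for every namespace still publicly reachable."""
    findings = []
    for rs in rule_sets:
        status, reason = classify(rs.get("properties", {}))
        if status == "public":
            findings.append((rs["namespace"], reason))
    return findings


if __name__ == "__main__":
    for name, reason in audit(SAMPLE):
        print(f"{name}: reachable from the internet with a valid key ({reason})")
```

A private endpoint connection does not change the result of this check, which is the point of the post: only the rule list or the public access switch does.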