Create Virtual Network for Azure App Services and Azure SQL Database
Azure virtual networks can be used to connect Azure resources to each other. Virtual network can also connect to on-premises network using Azure VPN gateway. This article shows the steps required to create a virtual network to connect Azure Web Service to Azure SQL database.
Create virtual network
First, we need to create a virtual network.
- Logon to Microsoft Azure portal.
- Search for and navigate to Virtual networks.
- Click Create virtual network button or + Create button.
- Input virtual network details including subscription, resource group, network name and region.
- Input IP addresses details. For this tutorial, I will directly use the default values (10.0.0.0/16).
- Configure security settings accordingly.
Add SQL database to virtual network
For existing SQL database on Azure, follow these steps to add it to the virtual network:
- Go to Azure SQL server blade.
- Click Security -> Firewalls and virtual networks.
- Go to Virtual networks section:
- Click link '+ Add existing virtual network'.
- Input the details and select the previously created virtual network:
- Click enable button to enable it.
Add App service to virtual network
For App service plans, only standard and above plans support virtual networks. Thus to add an app service to a virtual network, please ensure you service plan is at least S1:
And also please ensure the region of the VNet is the same as your app service; otherwise you won't be able to select the virtual network to integrate.
Now follow these steps to add App service to a virtual network:
- Go to the App Service blade.
- Click Settings -> Networking.
- Click 'VNet integration' link in Outbound Traffic card.
- Click '+ Add VNet' button:
- Select the virtual network:
- You can use existing subnet or creating a new one. For this case, I am using the default subnet.
- Click OK button to save the changes.
- Once it is done, the blade looks like the following screenshot:
Now the SQL database server and App services are both added into the same VNet.