Styjun

Calculus Books, preferably Soviet.

Should I get a noble in order to win Splendor?

Importance of electrolytic capacitor size

What is the most likely cause of short, quick, and useless reviews?

Why not use futuristic pavise ballistic shields for protection?

Heuristic argument for the Riemann Hypothesis

How to find better food in airports

Which is the best password hashing algorithm in .NET Core?

Can a Simulacrum reproduce?

Tiny image scraper for xkcd.com

Why is k-means used for non normally distributed data?

Initializing a std::array with a constant value

Is it safe for a student to give negative feedback in student evaluations?

Disney Musicians Ordering

Does immunity to non magical damage negate sneak attack damage?

Why do modes sound so different, although they are basically the same as a mode of another scale?

How to get all months in a query where one month has no matches?

Is there anything in the universe that cannot be compressed?

Do we know the problems the University of Manchester's Transistor Computer was intended to solve?

How is total raw calculated for Science Pack 2?

co-son-in-law or co-brother

Taking the first element in a list of associations

Punishment in pacifist society

2 : 1 gear ratio in studless technic

Securing Azure Functions and on-premises to Azure Sql calls

Best Practices for securing a REST API / web serviceHow can I prevent SQL injection in PHP?How does the SQL injection from the “Bobby Tables” XKCD comic work?Secure hash and salt for PHP passwordsCould not establish trust relationship for SSL/TLS secure channel — SOAPSecurely Connecting to SQL AzureSecurity of in-transit data for Geo-Replication in Azure SQL DatabaseAzure Functions connect to on-premises SQL ServerAzure function connectionstring for Azure SQL trough VNetHow secure is Azure SQL connection?

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;

0

• Say we have a 3rd party vendor trying to call an Azure function, how do we secure the communication channel? Using ssl?


• How do we secure communication from on-premises to Azure Sql? [beyond PAT tokens, I want the communication line into Azure encrypted]. We do have Azure AD from on-premises to Azure

security ssl azure-sql-database azure-functions

share|improve this question

edited Mar 28 at 2:23

teeboy

asked Mar 28 at 2:14

teeboyteeboy

11699 bronze badges

add a comment | 

0

• Say we have a 3rd party vendor trying to call an Azure function, how do we secure the communication channel? Using ssl?


• How do we secure communication from on-premises to Azure Sql? [beyond PAT tokens, I want the communication line into Azure encrypted]. We do have Azure AD from on-premises to Azure

security ssl azure-sql-database azure-functions

share|improve this question

edited Mar 28 at 2:23

teeboy

asked Mar 28 at 2:14

teeboyteeboy

11699 bronze badges

add a comment | 

• Say we have a 3rd party vendor trying to call an Azure function, how do we secure the communication channel? Using ssl?


• How do we secure communication from on-premises to Azure Sql? [beyond PAT tokens, I want the communication line into Azure encrypted]. We do have Azure AD from on-premises to Azure

security ssl azure-sql-database azure-functions

share|improve this question

edited Mar 28 at 2:23

teeboy

asked Mar 28 at 2:14

teeboyteeboy

11699 bronze badges

share|improve this question

edited Mar 28 at 2:23

teeboy

asked Mar 28 at 2:14

teeboyteeboy

11699 bronze badges

share|improve this question

edited Mar 28 at 2:23

teeboy

asked Mar 28 at 2:14

teeboyteeboy

11699 bronze badges

asked Mar 28 at 2:14

teeboyteeboy

11699 bronze badges

asked Mar 28 at 2:14

teeboyteeboy

11699 bronze badges

1 Answer
1

active

oldest

votes

1

Securing Azure Function :
When you deploy Azure function the endpoint is publically available so you can access them.

One way is to put the function in ILBASE and put WAF in front of ILBASE. In this way your functions endpoints are not exposed publically directly but yes this is quite costly .
In this you will have full control over the traffic and then you can enable SSL .

Second would be put SSL as you have mentioned.

Third Option would be to authenticate your user from Azure AD with function app.

Fourth option would be to use managed identies with function app.

For secure communication from on-premises to Azure Sql :

This can also be achived by couple of ways. But I belive the easiest way to use Hybrid Connections.
The connection uses TLS 1.2 for security and shared access signature (SAS) keys for authentication and authorization

share|improve this answer

answered Mar 29 at 3:34

DixitArora-MSFTDixitArora-MSFT

78366 bronze badges

add a comment | 

Your Answer

StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55389202%2fsecuring-azure-functions-and-on-premises-to-azure-sql-calls%23new-answer', 'question_page');

);

Post as a guest

Name

Email

Required, but never shown

1

Securing Azure Function :
When you deploy Azure function the endpoint is publically available so you can access them.

One way is to put the function in ILBASE and put WAF in front of ILBASE. In this way your functions endpoints are not exposed publically directly but yes this is quite costly .
In this you will have full control over the traffic and then you can enable SSL .

Second would be put SSL as you have mentioned.

Third Option would be to authenticate your user from Azure AD with function app.

Fourth option would be to use managed identies with function app.

For secure communication from on-premises to Azure Sql :

This can also be achived by couple of ways. But I belive the easiest way to use Hybrid Connections.
The connection uses TLS 1.2 for security and shared access signature (SAS) keys for authentication and authorization

share|improve this answer

answered Mar 29 at 3:34

DixitArora-MSFTDixitArora-MSFT

78366 bronze badges

add a comment | 

1

Securing Azure Function :
When you deploy Azure function the endpoint is publically available so you can access them.

One way is to put the function in ILBASE and put WAF in front of ILBASE. In this way your functions endpoints are not exposed publically directly but yes this is quite costly .
In this you will have full control over the traffic and then you can enable SSL .

Second would be put SSL as you have mentioned.

Third Option would be to authenticate your user from Azure AD with function app.

Fourth option would be to use managed identies with function app.

For secure communication from on-premises to Azure Sql :

This can also be achived by couple of ways. But I belive the easiest way to use Hybrid Connections.
The connection uses TLS 1.2 for security and shared access signature (SAS) keys for authentication and authorization

share|improve this answer

answered Mar 29 at 3:34

DixitArora-MSFTDixitArora-MSFT

78366 bronze badges

add a comment | 

Securing Azure Function :
When you deploy Azure function the endpoint is publically available so you can access them.

One way is to put the function in ILBASE and put WAF in front of ILBASE. In this way your functions endpoints are not exposed publically directly but yes this is quite costly .
In this you will have full control over the traffic and then you can enable SSL .

Second would be put SSL as you have mentioned.

Third Option would be to authenticate your user from Azure AD with function app.

Fourth option would be to use managed identies with function app.

For secure communication from on-premises to Azure Sql :

This can also be achived by couple of ways. But I belive the easiest way to use Hybrid Connections.
The connection uses TLS 1.2 for security and shared access signature (SAS) keys for authentication and authorization

share|improve this answer

answered Mar 29 at 3:34

DixitArora-MSFTDixitArora-MSFT

78366 bronze badges

share|improve this answer

answered Mar 29 at 3:34

DixitArora-MSFTDixitArora-MSFT

78366 bronze badges

answered Mar 29 at 3:34

DixitArora-MSFTDixitArora-MSFT

78366 bronze badges

answered Mar 29 at 3:34

DixitArora-MSFTDixitArora-MSFT

78366 bronze badges