Please provide Azure Services with an Internal Endpoint (a least Azure Storage and Azure Backup) to build up machines without Internet Connection.47 votes
Storage service tags gives this capability and it was Completed. Private IP for storage is under review.
VNet Service Endpoint achieves secure access to storage from virtual network, but there is still a risk that someone might leak our sensitive data to his/her own storage account.
To make sure our data is stored in our storage account, we really need the ability to limit access to the specific approved storage account.19 votes
I pretty much want to keep storage, SQL database, web app, VMs, and any other service I use within a private network to keep granular control of which services can connect to other services. The "open to all" connection strings to all services is a hard sell to any organization used to securing their IT behind firewalls and networks of networks. Where are you on this today? It must be considered a less secure since these connection strings always tend to leak..10 votes
Service endpoints for Storage and SQL are available in preview and we have more work in progress for webapps integration.
Thanks for recently adding the ability to specify custom DNS servers for virtual networks.
I assume this is implemented with DHCP.
We are unfortunately not able to rely on this feature yet because we also set a custom DNS domain search.
This can be done with DHCP option 119, and this is how we have our non-Azure LAN configured.10 votes
Azure DNS support for private zones is now in limited preview and custom DNS suffix will be part of that. See http://aka.ms/azureprivatedns for details of the feature.
- Don't see your idea?