Skip to content

Latest commit

 

History

History
146 lines (88 loc) · 3.58 KB

azure-app-service-or-azure-functions-d5f96f9.md

File metadata and controls

146 lines (88 loc) · 3.58 KB

Azure App Service or Azure Functions

Consume Azure App Service or Azure Functions with SAP Private Link service.

Creation Request

The following Cloud Foundry service-specific configuration parameters are supported during a service instance creation:

resourceId (required)

Identifies the resource on Azure the private link should be created for.

subResource (required)

Identifies the sub-resource on Azure the private link should be created for.

Must be sites.

requestMessage (optional)

Specifies a message which is shown for the approval request on Azure for the specified resource.

Sample Code:

{
    "resourceId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/Microsoft.Web/sites/myApp",
    "subResource": "sites",
    "requestMessage": "Please approve connection"
}

Binding Credentials

The following binding credentials are provided:

hostname

DNS entry to connect to the workload endpoint of the App or Function. This DNS entry resolves to the internal IP address associated with this private link.

scmHostname

DNS entry to connect to the SCM endpoint (deployment/debugging interface) of the App or Function. This DNS entry resolves to the internal IP address associated with this private link.

Sample Code:

{
    ...
    "privatelink": [
        {
            ...
            "credentials": {
                "hostname": "myapp.azurewebsites.net",
                "scmHostname": "myapp.scm.azurewebsites.net"
            }
        }
    ]
}

Custom Domains

If your application or function offers a Custom DNS Name, your app on SAP BTP can also connect to this DNS Name (instead of the hostname from above). This will work, since the custom DNS name will have a CNAME record pointing to the hostname above, which will in turn resolve to the private endpoint's private IP, establishing the connection over the private endpoint.

Known Limitations

  • As highlighted in the Azure documentation, private endpoints are only supported for App service plans Basic and above.

  • For functions, private endpoints are only supported on the Functions Premium tier or if they run on an App service plan.

Tutorials

Martin Pankraz published a blog post outlining the steps on how to enable SAP CAP with Azure services without OData APIs using SAP Private Link: SAP private linky swear with Azure – enabling SAP CAP with Azure services without OData APIs using SAP Private Link