You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/logic-apps/secure-single-tenant-workflow-virtual-network-private-endpoint.md
+9-2Lines changed: 9 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,7 +5,7 @@ services: logic-apps
5
5
ms.suite: integration
6
6
ms.reviewer: estfan, azla
7
7
ms.topic: how-to
8
-
ms.date: 01/06/2022
8
+
ms.date: 01/15/2022
9
9
10
10
# As a developer, I want to connect to my single-tenant logic app workflows with virtual networks using private endpoints and VNet integration.
11
11
---
@@ -117,6 +117,12 @@ For more information, review [Create single-tenant logic app workflows in Azure
117
117
118
118
To secure outbound traffic from your logic app, you can integrate your logic app with a virtual network. First, create and test an example workflow. You can then set up VNet integration.
119
119
120
+
> [!IMPORTANT]
121
+
> You can't change the subnet size after assignment, so use a subnet that's large enough to accommodate
122
+
> the scale that your app might reach. To avoid any issues with subnet capacity, use a `/26` subnet with 64 addresses.
123
+
> If you create the subnet for virtual network integration with the Azure portal, you must use `/27` as the minimum subnet size.
124
+
125
+
120
126
### Create and test the workflow
121
127
122
128
1. If you haven't already, in the [Azure portal](https://portal.azure.com), create a single-tenant based logic app, and a blank workflow.
@@ -150,8 +156,9 @@ To secure outbound traffic from your logic app, you can integrate your logic app
150
156
> [!IMPORTANT]
151
157
> For the Azure Logic Apps runtime to work, you need to have an uninterrupted connection to the backend storage.
152
158
> For Azure-hosted managed connectors to work, you need to have an uninterrupted connection to the managed API service.
159
+
> With VNet integration, you need to make sure no firewall or network security policy is blocking these connections.
153
160
154
-
### Considerations for outbound traffic through private endpoints
161
+
### Considerations for outbound traffic through VNet integration
155
162
156
163
Setting up virtual network integration affects only outbound traffic. To secure inbound traffic, which continues to use the App Service shared endpoint, review [Set up inbound traffic through private endpoints](#set-up-inbound).
0 commit comments