Exercise: Restrict network access to PaaS resources with virtual network service endpoints using the Azure portal
Lab scenario
Virtual network service endpoints enable you to limit network access to Azure service resources in a subnet. You can also remove internet access to the resources. Service endpoints provide direct connection from your virtual network to supported Azure services, letting you use your virtual network's private address space to access the Azure services. Traffic destined to Azure resources through service endpoints always stays on the Microsoft Azure backbone network.
Architecture diagram
Job skills
- Create a virtual network.
- Enable a service endpoint.
- Restrict network access for a subnet.
- Add other outbound rules.
- Allow access for RDP connections.
- Restrict network access to a resource.
- Create a file share in a storage account.
- Restrict network access to a subnet.
- Create virtual machines.
- Confirm access to storage account.
Note
To complete this exercise, you need an Azure subscription.
Launch the exercise, and follow the instructions. When finished, be sure to return to this page so you can continue learning.
