This template includes a sample Web API architecture with and without virtual networks and pipelines that automate deployment and integration test process. The pipelines deploy Azure resources and sample codes for the Web API and Functions, and then send requests to the API in the integration steps. Follow the instruction in Getting-Started to run this template.
- Virtual Network architecture 1 - Do I need virtual network?
- Virtual Network architecture 2 - Deployment pipelines
- Virtual Network architecture 3 - Key Vault Private Endpoint
- Virtual Network architecture 4 - SQL Database Private Endpoit
- Virtual Network architecture 5 - App Service Private Endpoint
- Virtual Network architecture 6 - Service Bus Private Endpoint
- Virtual Network architecture 7 - Self-hosted agent
Azure services used
- Azure Active Directory
- Azure Application Gateway
- Azure API Management
- Azure App Service
- Azure Functions
- Azure SQL
- Azure Key Vault
- Azure Service Bus
- Azure Virtual Network
- Private Endpoint
- Azure Pipelines
This architecture has a basic Web API managed by Azure API Management. Azure Pipelines agent sends a request to the API Management endpoint during the integration test pipeline. The Web API includes GET, DELETE, and two POST methods. One of POST requests forward a requested message to Azure Service Bus, and the Azure Functions is triggered according to messages sent to the Service Bus topic and Functions set records to Azure SQL Database.
This architecture is the one that adds to the base architecture virtual networks and private endpoints so the Azure PaaS resources are proteted by the virtual networks and accessed only through private IP address. It also builds and deploys self-hosted agent that builds and deploys Web App and Functions codes to the Azure PaaS resources within the virtual network through private IPs.
The base pipeline deploys Azure resources and builds SQL, Web App, Functions codes, deploys them to the Azure PaaS resources, and then execute integration tests. The vnet1 pipeline deploys Azure resources including virtual networks but the Azure PaaS resources are still exposed to the internet. The vnet2 pipeline deploys private endpoints and sets up private IPs for the Azure PaaS resources.