GitHub Community
GitHub Actions Large Runner #125366
Unanswered
PHoang-AmeriCorps
asked this question in
Actions
GitHub Actions Large Runner
#125366
Replies: 1 comment
-
|
You are right about the Azure Storage limitation: public IP firewall rules do not help for traffic from the same Azure region in some paths, because the source may not be evaluated as the public IP you expect. For large runners that need reliable access to a locked-down storage account, Azure VNet private networking is the safer pattern. Region selection for the runner would still be useful, but for Storage firewall specifically I would design around private endpoints or VNet integration instead of relying on a same-region public static IP. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Select Topic Area
General
Body
As a GitHub administrator, I would like to have option to select the region for Larger Runner due to an issue of Runner IP on same region with Azure Blob Storage recently.
If my Large Runner static IP is on same Azure region, the Firewall setting base on IP network rules will not take effect.
https://learn.microsoft.com/en-us/azure/storage/common/storage-network-security?tabs=azure-portal#restrictions-for-ip-network-rules
The proposed solution is to create Azure VNET but I think it would be helpful if we can have option to assign region to Larger Runner.
Beta Was this translation helpful? Give feedback.
All reactions