Internal App Service Environment can be great to securely and internally host your web applications on Azure. However, because ILB ASE is accessible only from within the VNet boundaries. It is a challenge to publish these apps externally, or deploy your code on them using DevOps as your pipelines cannot reach this secure environment.

Tutorial: Securing Azure App Service Environment

In this video, I will go through the process of:

  • Creating and Internal App Service Environment on a dedicated VNet
  • Exposing the applications on it using Application Gateway
  • SSL Offloading using Application Gateway and KeyVault Configuration
  • Azure DevOps CD Pipeline using VMSS Self-hosted agents within the same VNet

Enjoy :)