How to Apply Network ACLs for Azure Cloud Services?

In this article, I am going to assume you are already aware of Azure Cloud Services. In Azure, when you create a virtual machine, the management portal has a feature that lets you specify network ACLs on its endpoints.


With Cloud Services, we do not have the luxury of specifying these details manually. Let's take a look at how to achieve the same result.

There are three things we need to be aware of:

  1. Creating the Azure Cloud Services within the virtual network
  2. Endpoint management
  3. Network ACL management

So, if you already have sites up and running and plan to move them into a virtual network, below is the error message you would get:

07:37:29 – Updating…

07:37:31 – Error: A virtual network site cannot be added or removed during deployment update or upgrade. Http Status Code: BadRequest OperationId: a2bb0abf6ba733beaac26a51986f3ae8


Endpoints are created in ServiceDefinition.csdef.


The virtual network and ACLs are specified in ServiceConfiguration.Cloud.cscfg. If you need to know more about creating virtual network please follow the link in.
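An added example, not the author's own configuration, of how the endpoint, the ACL and the virtual network placement fit together in the .cscfg. The service, role, endpoint, ACL, virtual network and subnet names and the address range are constructed placeholders.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!--
  ServiceConfiguration.Cloud.cscfg (constructed sample; every name and address range is a placeholder).
  Assumes ServiceDefinition.csdef declares this input endpoint on the role WebRole1:
    <InputEndpoint name="HttpIn" protocol="http" port="80" />
-->
<ServiceConfiguration serviceName="SampleService"
    xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceConfiguration">
  <Role name="WebRole1">
    <Instances count="2" />
  </Role>
  <NetworkConfiguration>
    <!-- Named ACL: rules with a lower "order" value are evaluated first -->
    <AccessControls>
      <AccessControl name="OfficeOnly">
        <Rule order="100" action="permit" remoteSubnet="203.0.113.0/24"
              description="Office egress range" />
        <Rule order="200" action="deny" remoteSubnet="0.0.0.0/0"
              description="Everything else" />
      </AccessControl>
    </AccessControls>
    <!-- Bind the ACL to the endpoint declared in the .csdef; role and endpoint names must match it -->
    <EndpointAcls>
      <EndpointAcl role="WebRole1" endpoint="HttpIn" accessControl="OfficeOnly" />
    </EndpointAcls>
    <!-- Place the role instances in an existing virtual network and subnet -->
    <VirtualNetworkSite name="SampleVNet" />
    <AddressAssignments>
      <InstanceAddress roleName="WebRole1">
        <Subnets>
          <Subnet name="FrontEnd" />
        </Subnets>
      </InstanceAddress>
    </AddressAssignments>
  </NetworkConfiguration>
</ServiceConfiguration>
```

An `EndpointAcl` whose `role` or `endpoint` value does not match the .csdef has nothing to attach to, so check those two names first when an ACL appears to have no effect.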


After this configuration is published, you can see the instances appearing in the virtual network.


Now we know how to make the ACLs work for Cloud Service deployments.

 
