Deploy Azure App Service Environment With A Public IP
In this post, I will show you how to deploy the “public” version of App Service Environment (ASE), where the app services are shared through a single, simple public IP address.
Passwords Haven’t Disappeared Yet
123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?
Note that you can create an ASE while creating the first app service and Isolated-Tier app service plan within it. However, this does not give you control over the method of connectivity to the app services. In this how-to article, you will see how to create the new ASE and then how to add app services plans to it.
Create the ASE
Start by going to the Azure Portal and clicking Create a Resource. Pick Web + Mobile > App Service Environment. An App Service Environment blade will appear; enter the following details:
- Name: Give the ASE resource a name that will be unique in the .p.azurewebsite.net domain.
- Subscription: Choose the target subscription.
- Resource Group: Create a new or select an existing resource group to put the ASE into.
- Virtual Network/Location: Either choose an existing virtual network or create a new one.
There are two things to note about the virtual network blade:
- Choosing/creating a virtual network will define the region that the ASE will be created in.
- This is where you choose (VIP Type) if the ASE will be external (public IP address) or internal (Azure load balancer).
In this case, select External, which will create a PIP (Public IP address or VIP/virtual IP address) for the ASE.
You can click Create and the ASE is created for you. Note that this creation job can take well over 1 hour to complete.
If you open the created ASE resource and browse to IP Addresses, you will find the public and outbound IP address of your new app services environment.
Create an Isolated App Service / App Service Plan
Start by creating a new app service and app service plan as normal; Click Create A Resource > Web + Mobile > Web App. Enter the web app details:
- App Name: A globally unique name in the .azurewebsite.net domain.
- Subscription: The subscription that the ASE is in.
- Resource Group: The name of the new or existing resource group.
- OS: This must be Windows because Linux is not supported yet in ASE.
Click App Service Plan and then select Create New. Enter the following in the New App Service Plan blade:
- App Service Plan: Enter a name for the new app service plan.
- Location: Select the ASE that you created earlier. This also selects the region of the ASE.
- Pricing Tier: Choose one of the Isolated plans. This is required for an ASE.
Click OK to finish detailing the new app service plan. You are then returned to the Web App blade, where you can optionally enable Application Insights.
A new app service, running in a new app services plan will be deployed in the ASE after you click Create; this will only take a few moments.
You can then open the new app service and click Browse. The new site is browsable via the Azure-assigned domain name (which you can customize) via the ASE’s public IP address.