Fix App Service to Function App Connectivity with VNet Integration
Troubleshoot and fix a broken connection between an Azure App Service and a Function App by configuring VNet Integration and access restrictions.
Skills Validated
Lab Overview & Objectives
This challenge tests your ability to restore secure service-to-service communication on Azure App Service. A pre-provisioned Web App cannot reach a pre-provisioned Function App because the Function App has been hardened to block all public internet traffic, and the Web App's outbound calls currently exit through the public internet. Using the pre-provisioned virtual network, you need to route the Web App's outbound traffic through the VNet and configure the Function App's access restrictions to accept traffic from the Web App without re-exposing the Function App to the public internet.
Objectives
- Enable VNet Integration on the Web App, connecting it to the integration-subnet in the pre-provisioned virtual network
- Add an access restriction rule on the Function App that allows traffic from the integration-subnet
- Verify the Web App can successfully call the Function App's HTTP-triggered function
Success Criteria
- The Web App is connected to the integration-subnet via VNet Integration
- The Function App has a Virtual Network access restriction rule allowing traffic from the integration-subnet
- The Web App can call the Function App endpoint and receive a successful response (no 403 Forbidden)
Real-Time Validation
Our platform uses an automated validation engine to verify your configurations as you work through the lab modules. No multiple choice—just real-world proficiency.