AZ Lamps #4 — Front Door versions
Last year, Microsoft released a new version of Azure Front Door — a service that acts as a global entry point for a large ecosystem. In AWS, its counterpart is called CloudFront.
Updating such a global service is risky because thousands of customers use it. Therefore, Microsoft released the new version to run in parallel with the existing one. They also renamed the old version to Front Door Classic and offer the new one as Standard and Premium.
In my opinion, the killer feature of the new version is Private Link Support. With this release, Azure Front Door has learned to connect to services hidden behind a Private Endpoint in a virtual network. The image shows an example where we allow internet traffic (thick red lines) to reach the Public API. The non-public services (marked as Non-Public API and Non-Public Database), on the other hand, remain invisible from the outside, and their communication stays inside the VNet (thin black lines).
Previously, we could achieve this only by whitelisting all possible Azure Front Door IP addresses (which tend to change).
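The allow-listing approach only holds while the origin's list matches the ranges Microsoft publishes under the `AzureFrontDoor.Backend` service tag. The following added example (not from the original post; the JSON excerpt, its prefixes and the allow-list are constructed sample data) compares a configured allow-list with the published tag and reports drift in both directions.

```python
import ipaddress
import json

# Constructed excerpt in the layout of Azure's Service Tags JSON download.
# Prefixes are documentation ranges, not real Front Door addresses.
SERVICE_TAGS_JSON = """
{"changeNumber": 2, "values": [
  {"name": "AzureFrontDoor.Backend", "properties": {"addressPrefixes":
    ["198.51.100.0/24", "203.0.113.0/25", "2001:db8:10::/48"]}},
  {"name": "Storage", "properties": {"addressPrefixes": ["192.0.2.0/24"]}}
]}
"""

# Constructed origin allow-list, copied from an older revision of the tag.
CONFIGURED_ALLOW_LIST = ["198.51.100.0/24", "203.0.113.0/24"]

def tag_prefixes(doc, tag_name):
    """Return the networks published for one service tag."""
    for entry in doc["values"]:
        if entry["name"] == tag_name:
            return [ipaddress.ip_network(p)
                    for p in entry["properties"]["addressPrefixes"]]
    raise KeyError(tag_name)

def covered(net, by):
    """True if `net` lies entirely inside one network of `by` (same IP version)."""
    return any(net.version == b.version and net.subnet_of(b) for b in by)

def allow_list_drift(published, configured):
    # missing: published ranges the origin would reject (legitimate traffic dropped)
    missing = [str(n) for n in published if not covered(n, configured)]
    # overbroad: allowed ranges not fully inside the tag (other sources admitted)
    overbroad = [str(n) for n in configured if not covered(n, published)]
    return missing, overbroad

def check():
    """Run the comparison on the constructed sample data above."""
    published = tag_prefixes(json.loads(SERVICE_TAGS_JSON), "AzureFrontDoor.Backend")
    configured = [ipaddress.ip_network(p) for p in CONFIGURED_ALLOW_LIST]
    return allow_list_drift(published, configured)

if __name__ == "__main__":
    missing, overbroad = check()
    print("missing from allow-list:", missing)
    print("broader than the tag:", overbroad)
```

A non-empty `missing` list means Front Door traffic is being dropped at the origin; a non-empty `overbroad` list means the origin accepts addresses that are no longer covered by the published tag.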