Virtual Network service endpoints allow you to secure some critical Azure services to only specific virtual networks. There is a limitation, though: endpoints cannot be used for traffic from your premises to Azure services. Right now, if you want to allow traffic from on-premises, you must also allow the public (typically NAT) IP addresses of your on-premises network or ExpressRoute.
In this repo you will find out how to send your communications securely through your VPN by using Envoy as a proxy.
There are two folders in this repository:
- envoy/ contains the proxy configuration, the Dockerfile to build the Docker image, and a Kubernetes YAML file to deploy it to your cluster
- samples/ contains two sample console applications (for accessing KeyVault and Storage Accounts)