AppConfiguration icon indicating copy to clipboard operation
AppConfiguration copied to clipboard
verified publisher icon Azure

Support for Network Security Perimeter (NSP)

Open arjankohli opened this issue 8 months ago • 2 comments

I would love the ability to define an IP Whitelist firewall rule on my configuration services.

This would benefit customers that are running in hybrid multi-cloud + on-prem environments, where traffic to the configuration service needs to originate from outside Azure data-centers.

Azure Key Vault already supports this functionality, but protecting configuration services in the same manner creates defense in depth.

Many corporate environments have a strong desire to protect all configuration (not just vaulted secrets), because compromising and changing non-sensitive configuration can modify application behavior and create a denial of service.

arjankohli avatar Apr 26 '25 18:04 arjankohli

Hi @arjankohli

Network Security Perimeter (NSP) is the right path forward, and we’ll be adding NSP support on our side as well. You can find a good overview here:

https://learn.microsoft.com/en-us/azure/private-link/network-security-perimeter-concepts

jhzhu89 avatar Apr 29 '25 03:04 jhzhu89

@arjankohli I updated the title of this issue and use it to track our support for NSP in the roadmap.

zhenlan avatar May 14 '25 21:05 zhenlan