Overview
If your systems are hosted on Azure, VNET peering can be configured to integrate the connection without the data leaving the Azure backbone.
To set up VNET peering, Bizagi needs guest access to your tenant and the Network Contributor role on your VNET. This role can be granted during a configuration meeting and removed once the it is complete.
Considerations
•Configure an internal DNS record to resolve the subdomain privatelink.database.windows.net to the private IP assigned to the database server (these values will be provided by Bizagi in the configuration call)
•By default, the option "Allow Azure services and resources to access this server" is disabled. If you wish to enable this setting, you must acknowledge and accept the associated risks.
•It is important to have firewall rules to restrict your sources channeled through VNET.
•When connecting through Private Link, the connection could encounter a different certificate on the hostname which could cause the connection to be rejected. Therefore, you modify the connection string to accept this certificate.
Configuration steps
1.Create Guest User: Create a guest user account to access the tenant.
2.Send Invitation: Send an invitation to the Bizagi representative who will participate in the configuration session.
3.Assign Permissions: During the configuration session, assign permissions on the VNET using the guest user account.
4.Post-Peering Configuration: Once VNET peering is established, you may remove permissions from the resource if no longer needed.
For this step onwards, Bizagi will create configurations to establish the connection.
Last Updated 12/5/2024 11:08:45 AM