
Configure Private Endpoints for Azure Event Grid

Configuring private endpoints for Azure Event Grid allows secure, private access to Event Grid resources over your Azure Virtual Network. Azure Private Endpoints ensure that traffic between Apporetum and Event Grid remains private and is not exposed to the public internet. This short guide describes how to set up Private Endpoints for Event Grid.

Create a New Subnet for Event Grid

note

This step can be skipped if you plan to deploy Event Grid into an existing Apporetum subnet.

  1. Navigate to the Virtual Network where Apporetum is deployed.
  2. Navigate to the Settings blade and select Subnets.
  3. Click + Subnet to create a new subnet.
  4. Give the subnet a name and select Save.

Attaching Private Endpoint to Existing Event Grid

  1. Deploy Event Grid.
tip

Information on deploying Event Grid for Apporetum can be found here.

  2. Navigate to the deployed Event Grid and access the Networking blade.
  3. Set "Allow Access From" to Private endpoints only.
  4. Select the Private endpoint connections tab.
  5. Click + Private endpoint to create a new Private Endpoint.
  6. Give the private endpoint a unique identifying name and select Next.
  7. Continue to the Virtual Network tab.
  8. Under Virtual Network, select the virtual network where Apporetum is deployed.
  9. Under Subnet, select the subnet that was deployed for Event Grid (see the step above) and select Next.
  10. Select Review and Create the Private endpoint.
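
To confirm the result of the steps above, the following added example (not part of the Apporetum documentation) checks the JSON printed by `az eventgrid domain show`, read from stdin, and the addresses the Event Grid hostname resolves to when run from inside the virtual network. It assumes the field names `publicNetworkAccess`, `privateEndpointConnections` and `endpoint` as they appear in that command's output and a virtual network on RFC 1918 address space; the sample record and the function names are constructed for illustration.

```python
import ipaddress
import json
import socket
import sys
from urllib.parse import urlparse

# Assumption: the virtual network uses RFC 1918 address space.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Constructed sample shaped like `az eventgrid domain show` output (not real data).
SAMPLE = {
    "endpoint": "https://example-domain.example-region-1.eventgrid.azure.net/api/events",
    "publicNetworkAccess": "Enabled",
    "privateEndpointConnections": [
        {"privateLinkServiceConnectionState": {"status": "Pending"}}],
}


def config_findings(domain):
    """Return problems found in the domain's network configuration."""
    findings = []
    if str(domain.get("publicNetworkAccess", "")).lower() != "disabled":
        findings.append("public network access is not disabled")
    states = [(c.get("privateLinkServiceConnectionState") or {}).get("status")
              for c in domain.get("privateEndpointConnections") or []]
    if "Approved" not in states:
        findings.append(f"no approved private endpoint connection: {states}")
    return findings


def public_addresses(addresses):
    """Return the resolved addresses that fall outside RFC 1918 space."""
    return [a for a in addresses
            if not any(ipaddress.ip_address(a) in net for net in RFC1918)]


def resolve(hostname):
    """Resolve over IPv4 from this host; run it from inside the virtual network."""
    infos = socket.getaddrinfo(hostname, 443, family=socket.AF_INET)
    return sorted({info[4][0] for info in infos})


if __name__ == "__main__":
    domain = json.load(sys.stdin)
    problems = config_findings(domain)
    leaked = public_addresses(resolve(urlparse(domain["endpoint"]).hostname))
    problems += [f"endpoint resolves to public address {a}" for a in leaked]
    print("\n".join(problems) or "OK: private endpoint only")
    sys.exit(1 if problems else 0)
```

A non-zero exit status lists what still needs attention, for example a private endpoint connection that is not yet approved or a hostname that still resolves to a public address.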

Configure Apporetum to use the Private Endpoint

  1. Navigate to the Apporetum Managed Resource Group.
  2. Select the API App Service.
  3. Under the Settings blade select Networking.
  4. Under Inbound traffic configuration select the Public network access option.
  5. Under Public network access select Enabled from select virtual networks and IP addresses.
  6. Under the Unmatched rule action select Allow.
  7. Click + Add to add a new network rule to allow the traffic from the virtual network and subnet to reach the API App Service.
  8. Give the new rule an appropriate name and set the following configurations:
    1. Subscription: Select the subscription where Apporetum is deployed.
    2. Virtual Network: Select the virtual network where Apporetum is deployed.
    3. Subnet: Select the subnet that was created for Event Grid. If Event Grid was deployed to another subnet, ensure that subnet is chosen.
  9. Click Save.

Configure Event Grid - Create webhook

  1. Navigate to deployed Event Grid.

  2. Select Domain-Scope Event Subscriptions in the Entities blade.

  3. Select + New Event Subscription.

  4. Give the Event Subscription a name and select CloudEventSchemaV1_0 as the Event Schema.

  5. Under Endpoint Type select Web hook.

  6. Navigate to Apporetum to copy the web hook. This can be done by navigating to Settings -> Event Viewer.

  7. Copy the Web hook URL.

  8. Navigate back to Azure Event Grid and paste the URL under Web hook.

  9. Click Create.

  10. Apporetum has now been configured to use Private Endpoints for Azure Event Grid. Apporetum events should now populate when you navigate to Settings -> Event Viewer.