Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Selective access to/from workspace by external services #4141

Open
TonyWildish-BH opened this issue Nov 18, 2024 · 1 comment
Open

Selective access to/from workspace by external services #4141

TonyWildish-BH opened this issue Nov 18, 2024 · 1 comment
Labels
question Further information is requested

Comments

@TonyWildish-BH
Copy link
Contributor

Description

We have two use-cases that require selective access through the workspace firewall:

  • one use-case requires outbound connectivity to a single, fixed IP
  • several use-cases require inbound access from an Azure Data Factory to push data into a MySQL service within the workspace. In most cases, that access will be one-off, at project setup. In others, it may be required for periodic refreshes of data.

Before I go hacking around myself, I'd like to know if there are any guidelines on how I can do this cleanly, such that it can be turned on/off on a per-workspace basis. Do I need to customise templates, or is 'manually' modifying the w/s network the best way to go?

Thanks in advance for any suggestions.

@TonyWildish-BH TonyWildish-BH added the question Further information is requested label Nov 18, 2024
@tim-p-allen
Copy link
Collaborator

Hi @TonyWildish-BH, for TRE wide settings you could perform an update on the firewall service and add the required app or network rules. Or modify the workspace template to add those rules on creation of that workspace, similar to how the nexus amends the firewall on its creation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
question Further information is requested
Projects
None yet
Development

No branches or pull requests

2 participants