Azure Virtual NAT (network address translation) is a fully managed and highly resilient PaaS offering by Azure that simplified the outbound connectivity for virtual networks. The outbound connectivity of the virtual network can be defined for one or multiple subnets on a virtual network using single Public IP or public IP prefix resource or a combination of both. The traffic is routed through the NAT gateway, once configured, all without any custom route tables.

If an application demands to have a static IP or set of IPs when sending traffic to the internet or external endpoints, Azure NAT is the solution that lets you achieve those requirements easily. Although similar functionality can be achieved using a load balancer, the NAT gateway makes it a breeze to configure and manage the traffic flow without much effort. NAT uses port NAT (PNAT) and is the recommended solution when deploying solutions in Azure.

In this hands-on lab, you will learn to configure Azure Function behind a NAT gateway to restrict the outbound IP address.

Learning Objectives

Upon completion of this intermediate-level lab, you will be able to:

• Create Virtual Network with multiple subnets
• Create Premium Tier Function App with .NET Code
• Create Public IP Resource and Associate with NAT Gateway
• Enabled VNet Integration for the Function App

Intended Audience

• Candidates for Azure Network Engineer Exam (AZ-700)
• Cloud Architects
• Cloud Network Engineers
• Cloud Security Engineers
• Software Engineers

Prerequisites

Familiarity with the following will be beneficial to understand all the aspects of the lab:

• Azure Functions
• Azure Virtual Network
• Azure Public IP

The following courses/courses and labs can be used to fulfill the prerequisite:

• Integrate Services with Azure Function Apps
• Understanding Core Azure Networking Products

Updates

March 26, 2023 - Updated security policy to add new resource permissions

January 2nd, 2023 - Updated screenshots and instructions to match UI