You may have heard of Azure AD Application proxy and perhaps you are already using it in your environment. A couple of days ago a new feature was released in azure called “Connector Groups”. If you are using the proxy connectors today, this will be a life changer.
This is actually a way to group connectors and choose which application that goes to which proxy group. Let’s say you have two data centers and a Azure datacenter, in all three you have web applications running and you want to be able to access them from the internet. Where do you put your proxy?
The answer today is, at all three locations!
- Create your groups
- Install your Connectors
- Assign the connectors to the appropriate group
- Configure the application to use the appropriate connector group
And you are done!
This was the problem I solved today. Before I had web applications in azure and in the local datacenter and because most of the applications were still located onprem, I choose to install the proxy connector there. But when I published a web app located in Azure, traffic went Client-Internet-Azure-Onprem-Azure-Onprem-Azure-Internet-Client really stupid.
Jon Jander @Meapax