fix: WAF backend exposure and private ingress validation

[Ashwal-Microsoft]

Purpose

In the current WAF (Web Application Firewall) deployment model for solution accelerators, the API endpoints hosted on Container App (Microsoft.App/containerApps) remain publicly accessible. Only the Web App (frontend) should be publicly accessible through the WAF; all backend API endpoints should be restricted to private access only.

Accelerators in Scope
Accelerator Frontend Backend
Deploy your AI Application App Service (published from Foundry) Container App (Microsoft.App/containerApps)

When deploying these accelerators using the WAF deployment option, the expectation is that the backend APIs hosted on Container Apps are secured behind the WAF and are not directly accessible from the public internet. However, the current implementation leaves the Container App API endpoints publicly exposed, which undermines the security posture of the WAF deployment model.

• ...

Does this introduce a breaking change?

• Yes
• No

Golden Path Validation

• I have tested the primary workflows (the "golden path") to ensure they function correctly without errors.

Deployment Validation

• I have validated the deployment process successfully and all services are running as expected with this change.

What to Check

Verify that the following are valid

• ...

Other Information

[Copilot]

Pull request overview

This PR aims to ensure that, in WAF / networkIsolation=true deployments for this accelerator, backend APIs hosted on Azure Container Apps are not publicly reachable (only the frontend should remain publicly exposed through the WAF/Application Gateway path), and adds documentation to help validate the resulting private-ingress topology after deployment.

Changes:

• Updated Container App ingress configuration in infra/main.bicepparam so the backend app’s ingress is internal-only when networkIsolation=true.
• Added post-deployment validation steps and deployment guide notes describing how to confirm backend Container App isolation.
• Commented out the metadata.template block in azure.yaml.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File	Description
infra/main.bicepparam	Sets backend Container App ingress to internal-only when networkIsolation=true by toggling the external flag.
docs/post_deployment_steps.md	Adds portal-based steps to validate backend Container App isolation in network-isolated/WAF deployments.
docs/deploymentguide.md	Documents expected backend reachability behavior when networkIsolation=true.
azure.yaml	Comments out metadata.template (template identification/version metadata).

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.