...
- Port forward on 443 to the app server
- IF, we need to provision SSL, then we need the port forward of port 80 as well.
- if you provision SSL, we'd need the domain name
Hairpin NAT configuration (aka NAT loopback)
- Setup hairpin NAT on the firewall / router
Users
- User to access the App server and possibly SQL server
- User to access the SQL instance. (sa user, so we can create limited access users for our APIs)
- SMTP user / Email relay / SendGrid user
...