Azure Data Factory private endpoint - portal subresource

Question

Dear Microsoft,

What is the purpose of "portal" subresource for ADF private endpoint?

In the documentation I can see the following statement: "If you want to use the private endpoint for command communications between the self-hosted integration runtime and the Azure Data Factory service, select datafactory as Target sub-resource. If you want to use the private endpoint for authoring and monitoring the data factory in your virtual network, select portal as Target sub-resource."

Also, there is: "You can still access the Azure Data Factory portal through a public network after you create private endpoint for portal."

I have created ADF with private endpoint-only connectivity, created a private link of type "portal" and was still able to login to the portal and modify & run pipelines from the public internet.

That being said, what is the purpose of this endpoint for the "portal" subresource? What do I get by creating it and paying $7 per month?

Thx

Answer 1

Hi @Wojciech Jakubowski ,

Ok. Let me try to clarify the purpose of the portal sub resource -
If you are working from a VNet environment, like lets say you are using VMs in the Azure VNet as your development machines. If VNet is locked for any external access which is in many enterprise scenarios then users will not be able to access ADF’s UX. So, in that case to enable access to ADF portal user needs to create PE in their VNet.

Please let me know if any other questions.

Thanks
Saurabh

Answer 2

Hi,
had the some questions....

The private endpoint is used for the SHIR.

Support:
"Shared the below documentations and informed that we can still access the Azure Data Factory portal through a public network after you create private endpoint for portal.

https://learn.microsoft.com/en-us/azure/data-factory/data-factory-private-link
And if use SHIR or azure managed Vnet IR then the communication will happen via private link and use private IPs configured for their ADF."