Can't create private endpoint because of subnet delegation
Hi, I am facing difficulties to disallow public access to my storage account. This account is being accessed by function apps, web apps, and web APIs. What I have tried so far, is that I integrated the web app with the VNet I created, and also configured…
DNS lookup is not giving the right private IP address
From Azure cloud, I set up an Azure App Configuration with a private endpoint and configured the name resolution in the private DNS zone A records. I also created a virtual machine in the same VNET and subnet as the key vault and tried to query the DNS…
How can I connect to an external data source when Synapse data exfiltration is enabled?
Hey folks, I'm trying to access external services via Synapse pipelines and Spark pools (Salesforce, for example) while having data exfiltration enabled. This has been possible using self-hosted integration runtimes secured with proxies to meet our…
Private access to Application Insights
Hi, I have an application insights for an App Service. The App service is privately accessible from Private endpoint and also has outbound VNet integration. To make the App Insights privately accessible, I added a Private link scope and in the scope I…
Get-AzPrivateEndpoint PowerShell command is not working as expected
Hi folks, I am trying to use 'Get-AzPrivateEndpoint' to query properties and configurations of my private endpoints but it is not working as expected. It doesn't show the expected results. Below are the details: Result that I am getting is below (I am…
App Config Private DNS Zone getting deleted automatically by "Azure Traffic Manager and DNS"
Hi all, Happy New Year! I have created a private endpoint for the App Config service, but the A record in the Private DNS Zone is getting deleted automatically by "Azure Traffic Manager and DNS". Any help on this will be greatly appreciated! Thanks in…
Can't export managed disk snapshot with private endpoint through disk access
Hi, I have created one snapshot from an Azure managed disk with network connectivity as "Disable public access and enable private access". Specifically, I have created disk access in which I have created a private endpoint with a private DNS Zone.…
Subnet NSG rules not applied to Private Link
Hello, Having created an SQL database, I wanted to add the option to connect to it using a Private IP. So, I created a Private Endpoint and assigned it to the SQL Server. So far so good. I have to restrict the internal connections so that…
Unable to deploy function to the Function App with Private Endpoints.
We created a Virtual Network (Vnet) with two subnets: one designated for private endpoints (Private Subnet) and the other for Vnet integration of the function app (Function Subnet). The function app and its associated storage account were deployed within…
Unable to deploy secrets into the keyvault with private endpoint enabled
There are two Azure virtual networks (vnets), each with two subnets: one for private endpoints and the other for integrating a function app. Two separate Key Vaults with private endpoints exist, each located in a different vnet. Vnet peering has been…
Azure App Service with Private endpoints does not support deployment slots
Hi, I am currently in the process of deploying infrastructure using ARM (and bicep), the requirements for this infrastructure will see the deployment of a virtual network into which I need to host both Azure SQL Database and Azure App Service, both…
Azure Arc Private link scope region
Hi, I am creating the following architecture: I am new to this so please forgive me. But what this picture says is that I have two ExpressRoute connections from my on-premise AD to the gateway in West Europe Region and North Europe Region. I am trying…
Does private endpoint restrict public access
Hi, I saw multiple articles with vague explanations like "traffic can reach the service resource from on premises without using public endpoints" etc. My question is: if I configure private endpoint to any type of resource, does it mean…
docker login to azure ACR through private endpoint gets 403 forbidden
Hi all, I have created an Azure ACR in a RG. ACR has Public Access enabled for all networks. For private access I have configured an endpoint getting an IP from a private subnet. When performing docker login xxxxxx.azurecr.io with admin account…
Azure Monitor Private Link Scope (AMPLS) in a Peered Vnet not working
I have a set-up where I have 2 virtual networks that are peered. I have a requirement to disable public access for Azure Monitor services. So I looked at enabling AMPLS, and followed the steps mentioned in here:…
Invalid subscription error when deploying MySQL Flexible instance
I am trying to deploy a MySQL instance into a VNET with private DNS in a different subscription. It is failing with the error: "The subscription '
If we enable the private endpoints for a storage account, can't we access the storage account by using VNETs?
I have a storage account (stgA) with its networking set to "Enabled from selected virtual networks and IP addresses." I've successfully added VNETA to access stgA, and I can access the storage from the VNET. However, after creating a private…
'CloudInternalError' while creating Enhanced policy Backup for Windows VM on a private Recovery services vault, the VM connectivity to vault private endpoints is working but backup cannot be enabled. How to fix it?
Need help to solve this issue. Scenario: Deployed a SQL Server 2022 on a Windows Server 2022 virtual machine. Have created a Recovery services vault on the same resource group and enabled private access. Trying to back up with Standard Policy is working. The…
I cannot select a private endpoint on Azure Cache for Redis
I want to deploy Azure Cache for Redis, but all the options in [Network] [Network Connection] [Connection Method] are grayed out and I cannot select a private endpoint. I would like to select a private endpoint. 【Parameter】 Region: Japan East Cache type:…
Extension based agent deployment failed on On-premises Systems - Azure Arc
Hi, I'm trying to deploy (push from Azure Portal) Extension-based Hybrid Runbook Worker nodes that are on-premises (not in Azure VNet). The on-prem and Azure environments are connected via ExpressRoute and the below configuration has been put in place: …