question

AbhishekTiwari-7660 avatar image
0 Votes"
AbhishekTiwari-7660 asked AbhishekTiwari-7660 commented

updating auto-approval list for Private link service

I am looking for patch api to update auto approval list of private link service where I need to pass only new subscriptionID instead of whole list.

Scenario: If multiple users try to update the list at once then there is possibility of losing one of the updates. we are building UI in front of REST api for updating PLS and there multiple users can try to add their subscriptions at the same time.

https://docs.microsoft.com/en-us/rest/api/virtualnetwork/private-link-services/create-or-update#create-private-link-service

azure-private-link
· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello @AbhishekTiwari-7660, Thank you for reaching out. I may have not understood the question correctly. Can't you try to list the the Auto Approved Private Link Services By Resource Group first and then create or update them? if this is not the solution you are looking for can you please explain the scenario more on how there is a possibility of losing one of the updates or how the user flow will be?
if you are looking to gain more control over what requests are sent by the users, you can maybe use a HTTP triggered function app in this scenario. Depending on your set-up and configuration you can use the Management API above or use the .NET sdk in this scenario. Please let me know if you have any additional concerns. Thank you!


0 Votes 0 ·
AbhishekTiwari-7660 avatar image AbhishekTiwari-7660 ChaitanyaNaykodiMSFT-9638 ·

Hello @ChaitanyaNaykodiMSFT-9638 Thank you for responding.

yes we are doing the same using java sdk, first listing the approval list, then adding subscriptionId to the list and finally making createorupdate call. see the below code

PrivateLinkServiceInner privateLinkServiceInner = inner.networks().manager().inner().privateLinkServices().
getByResourceGroup(resourceGroupName, privateLinkServiceName);
if (!privateLinkServiceInner.autoApproval().subscriptions().contains(subscriptionId)) {
privateLinkServiceInner.autoApproval().subscriptions().add(subscriptionId);
inner.networks().manager().inner().privateLinkServices().createOrUpdate(resourceGroupName, privateLinkServiceName,
privateLinkServiceInner);
}

Suppose multiple thread try to call this method at the same time then there is a possibility where listing the approval list won't get the updated list because other threads might have updated the list around the same time.
E.g, - User A tries to add subA to ApprovalList [subX,subY,subZ] and at the same time User B also tries to add subB to the list. When both make GET list call they get [subX,subY,subZ] then A updates the list [subX,subY,subZ,subA] and simultaneously B updates the list with [subX,subY,subZ,subB] so here as you can see we might miss one of the updates. For avoiding this there should be a separate PATCH API for adding subscription to the approval list.

0 Votes 0 ·

@ChaitanyaNaykodiMSFT-9638 do you have any suggestion, is it possible to develop this as new feature in Private Link Service

0 Votes 0 ·

0 Answers