How about accessing any Azure Resources (PaaS) connecting privately, for example Azure Batch private endpoints connecting privately to Azure Storage account (blob/Files), not discussed in this video. Both the Private end point are with in the same VNET
Thanks for the video. If I add system assigned managed identity for an ADF pipeline in this ADLS Gen2 (where you enable access via private end point), can ADF extract the files from the blob?
Hello there! Sub-resources are actually different storage services in Azure. They are Blob, Queue, Table, Files and Disks as documented here: msft.it/6052T2W5C A private endpoint maps to a resource of specific storage service type.
Ok, but who accesses storage accounts or sql ddbbs in production from VMs? I'm surprised the obvious scenario hasn't been discused: what about service-to-service access? how to access from an app service or a function, either a storage, sql, or another app service? is that even in the roadmap??
Hey Luis! WebApps or Functions can be deployed privately using VNet Integration to gain private access to other PaaS like Storage accounts or SQL servers using Private Endpoints, in this case both App Service and Data resources are private to the VNet. More information here: msft.it/6056TtqQk Additionally, you can access the WebApp privately to completely secure the integration if is an exclusive private application. Here's how! msft.it/6058TtqQw
@@MicrosoftAzure private link for azure datafactory not working , I am trying to connect datafactory private link to onperm self hosted integration runtime, no success, even there is no proper documentation for the datafactory to connect with private link
Does this work to secure a Storage account for a remote employee who are using Azure Storage Explorer and their laptop is connected via Point-2-site VPN gateway ?
Narayan Annamalai explains these concepts in a very good manner. Brilliant teacher. Thankyou.
Thanks, I have been looking for PaaS connectivity over the private network. Need to see some more demos with logic apps and Azure function.
Awesome explanation. Thanks Narayan
My question is how about connecting SQL Server from local machine to Azure SQL Server (if the Sql Server has had 'Private Link') ?
Great! Well explained
Really it's make more secure !!!
How about accessing any Azure Resources (PaaS) connecting privately, for example Azure Batch private endpoints connecting privately to Azure Storage account (blob/Files), not discussed in this video. Both the Private end point are with in the same VNET
Great explanation. Thanks
Thanks for that detailed explanation! Are there any disadvantages? Maybe with regards to scaling or access performance?
How would you compare this to the Application Service Environment? Can you create a video about this?
Thanks for the video. If I add system assigned managed identity for an ADF pipeline in this ADLS Gen2 (where you enable access via private end point), can ADF extract the files from the blob?
nice explination
Storage sub-resource didn't make any sense to me :( blob? where do you get that?
Hello there! Sub-resources are actually different storage services in Azure. They are Blob, Queue, Table, Files and Disks as documented here: msft.it/6052T2W5C
A private endpoint maps to a resource of specific storage service type.
Awesome!
Ok, but who accesses storage accounts or sql ddbbs in production from VMs? I'm surprised the obvious scenario hasn't been discused: what about service-to-service access? how to access from an app service or a function, either a storage, sql, or another app service? is that even in the roadmap??
Hey Luis!
WebApps or Functions can be deployed privately using VNet Integration to gain private access to other PaaS like Storage accounts or SQL servers using Private Endpoints, in this case both App Service and Data resources are private to the VNet. More information here: msft.it/6056TtqQk
Additionally, you can access the WebApp privately to completely secure the integration if is an exclusive private application. Here's how! msft.it/6058TtqQw
@@MicrosoftAzure private link for azure datafactory not working , I am trying to connect datafactory private link to onperm self hosted integration runtime, no success, even there is no proper documentation for the datafactory to connect with private link
Does this work to secure a Storage account for a remote employee who are using Azure Storage Explorer and their laptop is connected via Point-2-site VPN gateway ?
Hey there Saurabh! Yes, this should work in that scenario.
This is great
private endpoint and private link arent they different.