Private Link
Definition
Private Link is a network feature that allows secure access to services over a private endpoint within a virtual network, eliminating exposure to the public internet. It enables connectivity to Azure services, customer-owned services, or partner services through a private IP address in a virtual network. This approach enhances security by reducing the attack surface and ensuring data remains within a trusted network boundary.
Secure Settings Example
# Azure Private Link Service Configuration
resources:
  - name: myPrivateLinkService
    type: Microsoft.Network/privateLinkServices
    apiVersion: "2021-02-01"
    location: eastus
    properties:
      # Subscriptions that are allowed to see the service
      visibility:
        subscriptions:
          - "subscription-id-1"
      # Subscriptions whose connection requests are approved automatically
      autoApproval:
        subscriptions:
          - "subscription-id-2"
      ipConfigurations:
        - name: myPrivateLinkServiceIPConfig
          properties:
            privateIPAddress: "10.0.0.4"
            privateIPAllocationMethod: Static
            subnet:
              id: "/subscriptions/subscription-id/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVnet/subnets/mySubnet"
Insecure Settings Example
# Azure Private Link Service Configuration with Public Exposure
resources:
  - name: myPublicLinkService
    type: Microsoft.Network/privateLinkServices
    apiVersion: "2021-02-01"
    location: eastus
    properties:
      # No subscription list is defined for visibility or auto-approval
      visibility: {}
      autoApproval: {}
      ipConfigurations:
        - name: myPublicLinkServiceIPConfig
          properties:
            privateIPAddress: "10.0.0.4"
            privateIPAllocationMethod: Dynamic
            subnet:
              id: "/subscriptions/subscription-id/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVnet/subnets/mySubnet"
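Configuration Check Example
The following is an added example, not part of the original page or of any Azure tooling: a small Python check that reports where a privateLinkServices resource departs from the secure example above (missing subscription lists, non-Static allocation). The function names are hypothetical, and the sample data is the page's two resources re-expressed as JSON with the subnet omitted.

```python
import json

# Constructed sample: the page's two resources as JSON (subnet omitted).
SAMPLE = json.loads("""
[
  {"name": "myPrivateLinkService",
   "type": "Microsoft.Network/privateLinkServices",
   "properties": {
     "visibility": {"subscriptions": ["subscription-id-1"]},
     "autoApproval": {"subscriptions": ["subscription-id-2"]},
     "ipConfigurations": [{"name": "myPrivateLinkServiceIPConfig",
       "properties": {"privateIPAddress": "10.0.0.4",
                      "privateIPAllocationMethod": "Static"}}]}},
  {"name": "myPublicLinkService",
   "type": "Microsoft.Network/privateLinkServices",
   "properties": {
     "visibility": {},
     "autoApproval": {},
     "ipConfigurations": [{"name": "myPublicLinkServiceIPConfig",
       "properties": {"privateIPAddress": "10.0.0.4",
                      "privateIPAllocationMethod": "Dynamic"}}]}}
]
""")

def audit_private_link_service(resource):
    """Return deviations from the page's secure baseline (hypothetical helper)."""
    findings = []
    if resource.get("type") != "Microsoft.Network/privateLinkServices":
        return findings  # other resource types are out of scope
    props = resource.get("properties") or {}
    # The secure example names subscriptions explicitly in both blocks.
    for key in ("visibility", "autoApproval"):
        subs = (props.get(key) or {}).get("subscriptions")
        if not subs:
            findings.append(f"{key}: no explicit subscription list")
    # The secure example pins the private IP with Static allocation.
    for ipc in props.get("ipConfigurations") or []:
        method = (ipc.get("properties") or {}).get("privateIPAllocationMethod")
        if method != "Static":
            findings.append(f"{ipc.get('name')}: allocation is {method}, not Static")
    return findings

def audit_template(resources):
    """Map each resource name to its list of findings."""
    return {r.get("name"): audit_private_link_service(r) for r in resources}

if __name__ == "__main__":
    for name, findings in audit_template(SAMPLE).items():
        print(name, "OK" if not findings else findings)
```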