Forum Discussion
Azure Private Endpoint
Hi,
I was looking at private endpoint for various PaaS services, such as storage (file services). However I realized that NSG are not in GA.
This was disappointing. For instance I setup a lab with a storage account and Azure Files and enabled private endpoint. My lab had the following setup:
VNET-A: 10.1.2.0/23 with Subnet-1 10.1.3.0/26
The storage account private link NIC was on 10.1.3.4
VNET-B: 10.1.5.0/24 with Subnet-2 10.1.5.96/27
A Server 2019 VM was on 10.1.5.100
Using private link I can mount the storage account and access over SMB, however there is no way to block inbound access to the File Share, for example using an NSG on the Subnet-A, my understand is that this is a public preview feature only?
However if I use the storage account 'firewall and virtual network settings' rather then the 'private endpoint connections' settings I can use the 'allow access from > selected networks' to allow or block access to the azure files storage.
I wondering what benefit the private endpoint feature offers if NSG support is not in GA?
- Remco8888Copper ContributorIt's good to know that if a feature is in Public Preview, that you still can get support from Microsoft, and that only the SLA's are not applicable: :
https://azure.microsoft.com/en-us/support/legal/preview-supplemental-terms/
It still holds some value as you need to be routed through your internal network instead of public network.