Azure App service can enable Private Endpoints for inbound traffic.
Customers may want to list all VNET subnets used for Private Endpoints, and enable Network Security Group for the Private Endpoints.
There is no way to do it from Azure portal. But the below Power shell script can help customers list all the subnets used for Private Endpoints.
$privateEndpoints = Get-AzPrivateEndpoint
$subnetIds = $privateEndpoints | ForEach-Object { $_.Subnet.Id }
$uniqueSubnetIds = $subnetIds | Sort-Object -Unique
foreach ($subnetId in $uniqueSubnetIds) {
Get-AzResource -ResourceId $subnetId
}
The output is like this
Check Get-AzPrivateEndpoint (Az.Network) | Microsoft Learn
By default, network policies are disabled for a subnet in a virtual network.
You need to assign the NSG name first in this subnet, then enable NSG in “Network Policy for Private Endpoint”, then the PE will be applied the NSG rule.
Manage network policies for private endpoints - Azure Private Link | Microsoft Learn
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.