Prajeesh Prathap

Azure private endpoint vs. private link service - Azure daily #15

Azure Private Endpoint is a way to integrate a PaaS resource into your virtual network: it allocates a private IP address to the resource, effectively bringing the service into your VNet.

You can use private endpoints for your Azure Storage accounts to allow clients on a virtual network (VNet) to securely access data over a Private Link. The private endpoint uses an IP address from the VNet address space for your storage account service. Network traffic between the clients on the VNet and the storage account traverses over the VNet and a private link on the Microsoft backbone network, eliminating exposure from the public internet.




Azure Private Link service, on the other hand, is the reference to your own service that is powered by Azure Private Link. Your service running behind an Azure Standard Load Balancer can be enabled for Private Link access so that consumers of your service can access it privately from their own VNets. Your customers can create a private endpoint inside their VNet and map it to this service.


With Private Link service, providers can control the exposure of their service to consumers by using the visibility setting. Consumers that have access to this private link service should then create a private endpoint in their VNets for it. Once the endpoint is created, the provider can decide whether to accept or reject the connection request.
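The visibility and accept/reject controls described above can be reviewed from the provider side. The following is an added example, not code from the original post: it audits a constructed JSON document shaped like a `Microsoft.Network/privateLinkServices` resource, and it assumes that `*` in the subscription lists is the wildcard meaning "any subscription". The function name and all sample names and IDs are hypothetical.

```python
import json

# Constructed sample, trimmed to the fields used below. Names and the
# subscription ID are placeholders, not values from the article.
SAMPLE_PLS = json.loads("""
{
  "name": "pls-demo",
  "properties": {
    "visibility":   {"subscriptions": ["*"]},
    "autoApproval": {"subscriptions": ["00000000-0000-0000-0000-000000000001"]},
    "privateEndpointConnections": [
      {"name": "pe-partner-a", "properties": {"privateLinkServiceConnectionState":
        {"status": "Approved", "description": "auto-approved"}}},
      {"name": "pe-unknown", "properties": {"privateLinkServiceConnectionState":
        {"status": "Pending", "description": "please approve"}}}
    ]
  }
}
""")


def audit_private_link_service(pls):
    """Return (severity, message) findings for one Private Link service."""
    props = pls.get("properties", {})
    visible = props.get("visibility", {}).get("subscriptions", [])
    auto = props.get("autoApproval", {}).get("subscriptions", [])
    findings = []
    # Assumption: "*" is the wildcard for "any subscription".
    if "*" in visible:
        findings.append(("warn", "visibility is '*': anyone who knows the "
                                 "alias can request a connection"))
    if "*" in auto:
        findings.append(("high", "auto-approval is '*': every request is "
                                 "accepted without provider review"))
    elif auto:
        findings.append(("info", f"{len(auto)} subscription(s) bypass "
                                 "manual approval"))
    # Requests the provider has not yet accepted or rejected.
    for conn in props.get("privateEndpointConnections", []):
        state = conn.get("properties", {}).get(
            "privateLinkServiceConnectionState", {})
        if state.get("status") == "Pending":
            findings.append(("action", f"{conn.get('name')}: pending request "
                                       "awaiting accept/reject"))
    return findings


if __name__ == "__main__":
    for severity, message in audit_private_link_service(SAMPLE_PLS):
        print(f"[{severity}] {message}")
```
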


As you can see, Private Link gives you more secure, controlled access to your service via a Standard Load Balancer.




 
