With increased security and privacy in mind, Microsoft has been working on private links to Azure resources. Azure Private Link is a secure way to consume Azure services like Azure SQL and Azure Storage over a private connection in your own VNet. This will replace the need for IaaS-hosted virtual machines with SQL Server or the file server role installed.
Azure Private Link brings Azure services inside the customer’s private VNet. The service resources can be accessed using a private IP address, just like any other resource in the VNet. It is basically a NIC inside one of your VNets. All traffic flows over the internal network and does not go over the internet. There is no need to put gateways or any other network devices in place to make this happen.
Azure Private Link provides the following benefits:
- Private access within Azure: Connect to Azure resources using an internal IP address, eliminating the need for public IP addresses at the source and destination.
- No external exposure: With Azure Private Link, the private endpoint in the VNet is mapped to a specific instance of the customer’s PaaS resource as opposed to the entire service. This also works with network extension from on-premises networks.
- Extend to your own services: Leverage the same experience and functionality to render your own service privately to your consumers in Azure. By placing your service behind a Standard Load Balancer you can enable it for Private Link.
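To confirm that a service name really lands on a private endpoint inside your VNet, the check below classifies each resolved address against the VNet address space. It is an added example, not Microsoft's code; the host names, the VNet prefix `10.20.0.0/16` and all addresses are constructed sample values.

```python
import ipaddress
import socket

# RFC 1918 ranges, listed explicitly so the verdict does not depend on
# how the ipaddress module treats documentation or other special ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def resolve(hostname):
    """Resolve hostname with the local resolver (run this from inside the VNet)."""
    infos = socket.getaddrinfo(hostname, None, proto=socket.IPPROTO_TCP)
    return {info[4][0] for info in infos}

def classify(address, vnet_prefixes):
    """Return 'vnet', 'private-outside-vnet' or 'public' for one address."""
    ip = ipaddress.ip_address(address)
    if any(ip in ipaddress.ip_network(p) for p in vnet_prefixes):
        return "vnet"
    if any(ip in net for net in RFC1918):
        # Private, but not this VNet: e.g. a peered or on-premises network.
        return "private-outside-vnet"
    return "public"

def audit(resolved, vnet_prefixes):
    """Return {hostname: [(address, verdict), ...]} for hosts with a non-VNet address."""
    findings = {}
    for host, addrs in resolved.items():
        verdicts = [(a, classify(a, vnet_prefixes)) for a in sorted(addrs)]
        if any(v != "vnet" for _, v in verdicts):
            findings[host] = verdicts
    return findings

# Constructed sample: assumed VNet address space and resolver answers.
VNET_PREFIXES = ["10.20.0.0/16"]
SAMPLE = {
    "sqlsrv-example.database.windows.net": {"10.20.1.5"},   # private endpoint in the VNet
    "stexample.blob.core.windows.net": {"203.0.113.10"},    # still a public address
    "dlexample.dfs.core.windows.net": {"10.99.0.4"},        # private, other network
}

if __name__ == "__main__":
    for host, verdicts in audit(SAMPLE, VNET_PREFIXES).items():
        print(host, verdicts)
```

For a live check, build the input with `{h: resolve(h) for h in hosts}` on a machine inside the VNet instead of using `SAMPLE`.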
The following table lists the Private Link services and the regions where they are available in the preview period.
|Scenario|Supported services|Available regions|
|---|---|---|
|Private Link for customer-owned services|Private Link services behind Standard Load Balancer|West Central US; West US; South Central US; East US; North US|
|Private Link for Azure PaaS services|Azure Storage|East US, West US, West Central US|
|Private Link for Azure PaaS services|Azure Data Lake Storage Gen2|East US, West US, West Central US|
|Private Link for Azure PaaS services|Azure SQL Database|West Central US; West US; South Central US; East US; North US|
|Private Link for Azure PaaS services|Azure SQL Data Warehouse|West Central US; West US; South Central US; East US; North US|