We recommend using Azure Native.
azure.privatelink.Endpoint
Explore with Pulumi AI
Manages a Private Endpoint.
Azure Private Endpoint is a network interface that connects you privately and securely to a service powered by Azure Private Link. Private Endpoint uses a private IP address from your VNet, effectively bringing the service into your VNet. The service could be an Azure service such as Azure Storage, SQL, etc. or your own Private Link Service.
Example Usage
Coming soon!
Coming soon!
Coming soon!
Coming soon!
Coming soon!
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleVirtualNetwork:
type: azure:network:VirtualNetwork
name: example
properties:
name: example-network
addressSpaces:
- 10.0.0.0/16
location: ${example.location}
resourceGroupName: ${example.name}
service:
type: azure:network:Subnet
properties:
name: service
resourceGroupName: ${example.name}
virtualNetworkName: ${exampleVirtualNetwork.name}
addressPrefixes:
- 10.0.1.0/24
enforcePrivateLinkServiceNetworkPolicies: true
endpoint:
type: azure:network:Subnet
properties:
name: endpoint
resourceGroupName: ${example.name}
virtualNetworkName: ${exampleVirtualNetwork.name}
addressPrefixes:
- 10.0.2.0/24
enforcePrivateLinkEndpointNetworkPolicies: true
examplePublicIp:
type: azure:network:PublicIp
name: example
properties:
name: example-pip
sku: Standard
location: ${example.location}
resourceGroupName: ${example.name}
allocationMethod: Static
exampleLoadBalancer:
type: azure:lb:LoadBalancer
name: example
properties:
name: example-lb
sku: Standard
location: ${example.location}
resourceGroupName: ${example.name}
frontendIpConfigurations:
- name: ${examplePublicIp.name}
publicIpAddressId: ${examplePublicIp.id}
exampleLinkService:
type: azure:privatedns:LinkService
name: example
properties:
name: example-privatelink
location: ${example.location}
resourceGroupName: ${example.name}
natIpConfigurations:
- name: ${examplePublicIp.name}
primary: true
subnetId: ${service.id}
loadBalancerFrontendIpConfigurationIds:
- ${exampleLoadBalancer.frontendIpConfigurations[0].id}
exampleEndpoint:
type: azure:privatelink:Endpoint
name: example
properties:
name: example-endpoint
location: ${example.location}
resourceGroupName: ${example.name}
subnetId: ${endpoint.id}
privateServiceConnection:
name: example-privateserviceconnection
privateConnectionResourceId: ${exampleLinkService.id}
isManualConnection: false
Using a Private Link Service Alias with existing resources:
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = azure.core.getResourceGroup({
name: "example-resources",
});
const vnet = example.then(example => azure.network.getVirtualNetwork({
name: "example-network",
resourceGroupName: example.name,
}));
const subnet = Promise.all([vnet, example]).then(([vnet, example]) => azure.network.getSubnet({
name: "default",
virtualNetworkName: vnet.name,
resourceGroupName: example.name,
}));
const exampleEndpoint = new azure.privatelink.Endpoint("example", {
name: "example-endpoint",
location: example.then(example => example.location),
resourceGroupName: example.then(example => example.name),
subnetId: subnet.then(subnet => subnet.id),
privateServiceConnection: {
name: "example-privateserviceconnection",
privateConnectionResourceAlias: "example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice",
isManualConnection: true,
requestMessage: "PL",
},
});
import pulumi
import pulumi_azure as azure
example = azure.core.get_resource_group(name="example-resources")
vnet = azure.network.get_virtual_network(name="example-network",
resource_group_name=example.name)
subnet = azure.network.get_subnet(name="default",
virtual_network_name=vnet.name,
resource_group_name=example.name)
example_endpoint = azure.privatelink.Endpoint("example",
name="example-endpoint",
location=example.location,
resource_group_name=example.name,
subnet_id=subnet.id,
private_service_connection={
"name": "example-privateserviceconnection",
"private_connection_resource_alias": "example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice",
"is_manual_connection": True,
"request_message": "PL",
})
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/network"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/privatelink"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.LookupResourceGroup(ctx, &core.LookupResourceGroupArgs{
Name: "example-resources",
}, nil)
if err != nil {
return err
}
vnet, err := network.LookupVirtualNetwork(ctx, &network.LookupVirtualNetworkArgs{
Name: "example-network",
ResourceGroupName: example.Name,
}, nil)
if err != nil {
return err
}
subnet, err := network.LookupSubnet(ctx, &network.LookupSubnetArgs{
Name: "default",
VirtualNetworkName: vnet.Name,
ResourceGroupName: example.Name,
}, nil)
if err != nil {
return err
}
_, err = privatelink.NewEndpoint(ctx, "example", &privatelink.EndpointArgs{
Name: pulumi.String("example-endpoint"),
Location: pulumi.String(example.Location),
ResourceGroupName: pulumi.String(example.Name),
SubnetId: pulumi.String(subnet.Id),
PrivateServiceConnection: &privatelink.EndpointPrivateServiceConnectionArgs{
Name: pulumi.String("example-privateserviceconnection"),
PrivateConnectionResourceAlias: pulumi.String("example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice"),
IsManualConnection: pulumi.Bool(true),
RequestMessage: pulumi.String("PL"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = Azure.Core.GetResourceGroup.Invoke(new()
{
Name = "example-resources",
});
var vnet = Azure.Network.GetVirtualNetwork.Invoke(new()
{
Name = "example-network",
ResourceGroupName = example.Apply(getResourceGroupResult => getResourceGroupResult.Name),
});
var subnet = Azure.Network.GetSubnet.Invoke(new()
{
Name = "default",
VirtualNetworkName = vnet.Apply(getVirtualNetworkResult => getVirtualNetworkResult.Name),
ResourceGroupName = example.Apply(getResourceGroupResult => getResourceGroupResult.Name),
});
var exampleEndpoint = new Azure.PrivateLink.Endpoint("example", new()
{
Name = "example-endpoint",
Location = example.Apply(getResourceGroupResult => getResourceGroupResult.Location),
ResourceGroupName = example.Apply(getResourceGroupResult => getResourceGroupResult.Name),
SubnetId = subnet.Apply(getSubnetResult => getSubnetResult.Id),
PrivateServiceConnection = new Azure.PrivateLink.Inputs.EndpointPrivateServiceConnectionArgs
{
Name = "example-privateserviceconnection",
PrivateConnectionResourceAlias = "example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice",
IsManualConnection = true,
RequestMessage = "PL",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.inputs.GetResourceGroupArgs;
import com.pulumi.azure.network.NetworkFunctions;
import com.pulumi.azure.network.inputs.GetVirtualNetworkArgs;
import com.pulumi.azure.network.inputs.GetSubnetArgs;
import com.pulumi.azure.privatelink.Endpoint;
import com.pulumi.azure.privatelink.EndpointArgs;
import com.pulumi.azure.privatelink.inputs.EndpointPrivateServiceConnectionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = CoreFunctions.getResourceGroup(GetResourceGroupArgs.builder()
.name("example-resources")
.build());
final var vnet = NetworkFunctions.getVirtualNetwork(GetVirtualNetworkArgs.builder()
.name("example-network")
.resourceGroupName(example.applyValue(getResourceGroupResult -> getResourceGroupResult.name()))
.build());
final var subnet = NetworkFunctions.getSubnet(GetSubnetArgs.builder()
.name("default")
.virtualNetworkName(vnet.applyValue(getVirtualNetworkResult -> getVirtualNetworkResult.name()))
.resourceGroupName(example.applyValue(getResourceGroupResult -> getResourceGroupResult.name()))
.build());
var exampleEndpoint = new Endpoint("exampleEndpoint", EndpointArgs.builder()
.name("example-endpoint")
.location(example.applyValue(getResourceGroupResult -> getResourceGroupResult.location()))
.resourceGroupName(example.applyValue(getResourceGroupResult -> getResourceGroupResult.name()))
.subnetId(subnet.applyValue(getSubnetResult -> getSubnetResult.id()))
.privateServiceConnection(EndpointPrivateServiceConnectionArgs.builder()
.name("example-privateserviceconnection")
.privateConnectionResourceAlias("example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice")
.isManualConnection(true)
.requestMessage("PL")
.build())
.build());
}
}
resources:
exampleEndpoint:
type: azure:privatelink:Endpoint
name: example
properties:
name: example-endpoint
location: ${example.location}
resourceGroupName: ${example.name}
subnetId: ${subnet.id}
privateServiceConnection:
name: example-privateserviceconnection
privateConnectionResourceAlias: example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice
isManualConnection: true
requestMessage: PL
variables:
example:
fn::invoke:
Function: azure:core:getResourceGroup
Arguments:
name: example-resources
vnet:
fn::invoke:
Function: azure:network:getVirtualNetwork
Arguments:
name: example-network
resourceGroupName: ${example.name}
subnet:
fn::invoke:
Function: azure:network:getSubnet
Arguments:
name: default
virtualNetworkName: ${vnet.name}
resourceGroupName: ${example.name}
Using a Private Endpoint pointing to an owned Azure service, with proper DNS configuration:
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-rg",
location: "West Europe",
});
const exampleAccount = new azure.storage.Account("example", {
name: "exampleaccount",
resourceGroupName: example.name,
location: example.location,
accountTier: "Standard",
accountReplicationType: "LRS",
});
const exampleVirtualNetwork = new azure.network.VirtualNetwork("example", {
name: "virtnetname",
addressSpaces: ["10.0.0.0/16"],
location: example.location,
resourceGroupName: example.name,
});
const exampleSubnet = new azure.network.Subnet("example", {
name: "subnetname",
resourceGroupName: example.name,
virtualNetworkName: exampleVirtualNetwork.name,
addressPrefixes: ["10.0.2.0/24"],
});
const exampleZone = new azure.privatedns.Zone("example", {
name: "privatelink.blob.core.windows.net",
resourceGroupName: example.name,
});
const exampleEndpoint = new azure.privatelink.Endpoint("example", {
name: "example-endpoint",
location: example.location,
resourceGroupName: example.name,
subnetId: exampleSubnet.id,
privateServiceConnection: {
name: "example-privateserviceconnection",
privateConnectionResourceId: exampleAccount.id,
subresourceNames: ["blob"],
isManualConnection: false,
},
privateDnsZoneGroup: {
name: "example-dns-zone-group",
privateDnsZoneIds: [exampleZone.id],
},
});
const exampleZoneVirtualNetworkLink = new azure.privatedns.ZoneVirtualNetworkLink("example", {
name: "example-link",
resourceGroupName: example.name,
privateDnsZoneName: exampleZone.name,
virtualNetworkId: exampleVirtualNetwork.id,
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-rg",
location="West Europe")
example_account = azure.storage.Account("example",
name="exampleaccount",
resource_group_name=example.name,
location=example.location,
account_tier="Standard",
account_replication_type="LRS")
example_virtual_network = azure.network.VirtualNetwork("example",
name="virtnetname",
address_spaces=["10.0.0.0/16"],
location=example.location,
resource_group_name=example.name)
example_subnet = azure.network.Subnet("example",
name="subnetname",
resource_group_name=example.name,
virtual_network_name=example_virtual_network.name,
address_prefixes=["10.0.2.0/24"])
example_zone = azure.privatedns.Zone("example",
name="privatelink.blob.core.windows.net",
resource_group_name=example.name)
example_endpoint = azure.privatelink.Endpoint("example",
name="example-endpoint",
location=example.location,
resource_group_name=example.name,
subnet_id=example_subnet.id,
private_service_connection={
"name": "example-privateserviceconnection",
"private_connection_resource_id": example_account.id,
"subresource_names": ["blob"],
"is_manual_connection": False,
},
private_dns_zone_group={
"name": "example-dns-zone-group",
"private_dns_zone_ids": [example_zone.id],
})
example_zone_virtual_network_link = azure.privatedns.ZoneVirtualNetworkLink("example",
name="example-link",
resource_group_name=example.name,
private_dns_zone_name=example_zone.name,
virtual_network_id=example_virtual_network.id)
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/network"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/privatedns"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/privatelink"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/storage"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-rg"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
Name: pulumi.String("exampleaccount"),
ResourceGroupName: example.Name,
Location: example.Location,
AccountTier: pulumi.String("Standard"),
AccountReplicationType: pulumi.String("LRS"),
})
if err != nil {
return err
}
exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "example", &network.VirtualNetworkArgs{
Name: pulumi.String("virtnetname"),
AddressSpaces: pulumi.StringArray{
pulumi.String("10.0.0.0/16"),
},
Location: example.Location,
ResourceGroupName: example.Name,
})
if err != nil {
return err
}
exampleSubnet, err := network.NewSubnet(ctx, "example", &network.SubnetArgs{
Name: pulumi.String("subnetname"),
ResourceGroupName: example.Name,
VirtualNetworkName: exampleVirtualNetwork.Name,
AddressPrefixes: pulumi.StringArray{
pulumi.String("10.0.2.0/24"),
},
})
if err != nil {
return err
}
exampleZone, err := privatedns.NewZone(ctx, "example", &privatedns.ZoneArgs{
Name: pulumi.String("privatelink.blob.core.windows.net"),
ResourceGroupName: example.Name,
})
if err != nil {
return err
}
_, err = privatelink.NewEndpoint(ctx, "example", &privatelink.EndpointArgs{
Name: pulumi.String("example-endpoint"),
Location: example.Location,
ResourceGroupName: example.Name,
SubnetId: exampleSubnet.ID(),
PrivateServiceConnection: &privatelink.EndpointPrivateServiceConnectionArgs{
Name: pulumi.String("example-privateserviceconnection"),
PrivateConnectionResourceId: exampleAccount.ID(),
SubresourceNames: pulumi.StringArray{
pulumi.String("blob"),
},
IsManualConnection: pulumi.Bool(false),
},
PrivateDnsZoneGroup: &privatelink.EndpointPrivateDnsZoneGroupArgs{
Name: pulumi.String("example-dns-zone-group"),
PrivateDnsZoneIds: pulumi.StringArray{
exampleZone.ID(),
},
},
})
if err != nil {
return err
}
_, err = privatedns.NewZoneVirtualNetworkLink(ctx, "example", &privatedns.ZoneVirtualNetworkLinkArgs{
Name: pulumi.String("example-link"),
ResourceGroupName: example.Name,
PrivateDnsZoneName: exampleZone.Name,
VirtualNetworkId: exampleVirtualNetwork.ID(),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-rg",
Location = "West Europe",
});
var exampleAccount = new Azure.Storage.Account("example", new()
{
Name = "exampleaccount",
ResourceGroupName = example.Name,
Location = example.Location,
AccountTier = "Standard",
AccountReplicationType = "LRS",
});
var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("example", new()
{
Name = "virtnetname",
AddressSpaces = new[]
{
"10.0.0.0/16",
},
Location = example.Location,
ResourceGroupName = example.Name,
});
var exampleSubnet = new Azure.Network.Subnet("example", new()
{
Name = "subnetname",
ResourceGroupName = example.Name,
VirtualNetworkName = exampleVirtualNetwork.Name,
AddressPrefixes = new[]
{
"10.0.2.0/24",
},
});
var exampleZone = new Azure.PrivateDns.Zone("example", new()
{
Name = "privatelink.blob.core.windows.net",
ResourceGroupName = example.Name,
});
var exampleEndpoint = new Azure.PrivateLink.Endpoint("example", new()
{
Name = "example-endpoint",
Location = example.Location,
ResourceGroupName = example.Name,
SubnetId = exampleSubnet.Id,
PrivateServiceConnection = new Azure.PrivateLink.Inputs.EndpointPrivateServiceConnectionArgs
{
Name = "example-privateserviceconnection",
PrivateConnectionResourceId = exampleAccount.Id,
SubresourceNames = new[]
{
"blob",
},
IsManualConnection = false,
},
PrivateDnsZoneGroup = new Azure.PrivateLink.Inputs.EndpointPrivateDnsZoneGroupArgs
{
Name = "example-dns-zone-group",
PrivateDnsZoneIds = new[]
{
exampleZone.Id,
},
},
});
var exampleZoneVirtualNetworkLink = new Azure.PrivateDns.ZoneVirtualNetworkLink("example", new()
{
Name = "example-link",
ResourceGroupName = example.Name,
PrivateDnsZoneName = exampleZone.Name,
VirtualNetworkId = exampleVirtualNetwork.Id,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.network.VirtualNetwork;
import com.pulumi.azure.network.VirtualNetworkArgs;
import com.pulumi.azure.network.Subnet;
import com.pulumi.azure.network.SubnetArgs;
import com.pulumi.azure.privatedns.Zone;
import com.pulumi.azure.privatedns.ZoneArgs;
import com.pulumi.azure.privatelink.Endpoint;
import com.pulumi.azure.privatelink.EndpointArgs;
import com.pulumi.azure.privatelink.inputs.EndpointPrivateServiceConnectionArgs;
import com.pulumi.azure.privatelink.inputs.EndpointPrivateDnsZoneGroupArgs;
import com.pulumi.azure.privatedns.ZoneVirtualNetworkLink;
import com.pulumi.azure.privatedns.ZoneVirtualNetworkLinkArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-rg")
.location("West Europe")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.name("exampleaccount")
.resourceGroupName(example.name())
.location(example.location())
.accountTier("Standard")
.accountReplicationType("LRS")
.build());
var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
.name("virtnetname")
.addressSpaces("10.0.0.0/16")
.location(example.location())
.resourceGroupName(example.name())
.build());
var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
.name("subnetname")
.resourceGroupName(example.name())
.virtualNetworkName(exampleVirtualNetwork.name())
.addressPrefixes("10.0.2.0/24")
.build());
var exampleZone = new Zone("exampleZone", ZoneArgs.builder()
.name("privatelink.blob.core.windows.net")
.resourceGroupName(example.name())
.build());
var exampleEndpoint = new Endpoint("exampleEndpoint", EndpointArgs.builder()
.name("example-endpoint")
.location(example.location())
.resourceGroupName(example.name())
.subnetId(exampleSubnet.id())
.privateServiceConnection(EndpointPrivateServiceConnectionArgs.builder()
.name("example-privateserviceconnection")
.privateConnectionResourceId(exampleAccount.id())
.subresourceNames("blob")
.isManualConnection(false)
.build())
.privateDnsZoneGroup(EndpointPrivateDnsZoneGroupArgs.builder()
.name("example-dns-zone-group")
.privateDnsZoneIds(exampleZone.id())
.build())
.build());
var exampleZoneVirtualNetworkLink = new ZoneVirtualNetworkLink("exampleZoneVirtualNetworkLink", ZoneVirtualNetworkLinkArgs.builder()
.name("example-link")
.resourceGroupName(example.name())
.privateDnsZoneName(exampleZone.name())
.virtualNetworkId(exampleVirtualNetwork.id())
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-rg
location: West Europe
exampleAccount:
type: azure:storage:Account
name: example
properties:
name: exampleaccount
resourceGroupName: ${example.name}
location: ${example.location}
accountTier: Standard
accountReplicationType: LRS
exampleVirtualNetwork:
type: azure:network:VirtualNetwork
name: example
properties:
name: virtnetname
addressSpaces:
- 10.0.0.0/16
location: ${example.location}
resourceGroupName: ${example.name}
exampleSubnet:
type: azure:network:Subnet
name: example
properties:
name: subnetname
resourceGroupName: ${example.name}
virtualNetworkName: ${exampleVirtualNetwork.name}
addressPrefixes:
- 10.0.2.0/24
exampleEndpoint:
type: azure:privatelink:Endpoint
name: example
properties:
name: example-endpoint
location: ${example.location}
resourceGroupName: ${example.name}
subnetId: ${exampleSubnet.id}
privateServiceConnection:
name: example-privateserviceconnection
privateConnectionResourceId: ${exampleAccount.id}
subresourceNames:
- blob
isManualConnection: false
privateDnsZoneGroup:
name: example-dns-zone-group
privateDnsZoneIds:
- ${exampleZone.id}
exampleZone:
type: azure:privatedns:Zone
name: example
properties:
name: privatelink.blob.core.windows.net
resourceGroupName: ${example.name}
exampleZoneVirtualNetworkLink:
type: azure:privatedns:ZoneVirtualNetworkLink
name: example
properties:
name: example-link
resourceGroupName: ${example.name}
privateDnsZoneName: ${exampleZone.name}
virtualNetworkId: ${exampleVirtualNetwork.id}
Example HCL Configurations
- How to conneca
Private Endpoint
to a Application Gateway - How to connect a
Private Endpoint
to a Cosmos MongoDB - How to connect a
Private Endpoint
to a Cosmos PostgreSQL - How to connect a
Private Endpoint
to a PostgreSQL Server - How to connect a
Private Endpoint
to a Private Link Service - How to connect a
Private Endpoint
to a Private DNS Group - How to connect a
Private Endpoint
to a Databricks Workspace
Create Endpoint Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Endpoint(name: string, args: EndpointArgs, opts?: CustomResourceOptions);
@overload
def Endpoint(resource_name: str,
args: EndpointArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Endpoint(resource_name: str,
opts: Optional[ResourceOptions] = None,
private_service_connection: Optional[EndpointPrivateServiceConnectionArgs] = None,
resource_group_name: Optional[str] = None,
subnet_id: Optional[str] = None,
custom_network_interface_name: Optional[str] = None,
ip_configurations: Optional[Sequence[EndpointIpConfigurationArgs]] = None,
location: Optional[str] = None,
name: Optional[str] = None,
private_dns_zone_group: Optional[EndpointPrivateDnsZoneGroupArgs] = None,
tags: Optional[Mapping[str, str]] = None)
func NewEndpoint(ctx *Context, name string, args EndpointArgs, opts ...ResourceOption) (*Endpoint, error)
public Endpoint(string name, EndpointArgs args, CustomResourceOptions? opts = null)
public Endpoint(String name, EndpointArgs args)
public Endpoint(String name, EndpointArgs args, CustomResourceOptions options)
type: azure:privatelink:Endpoint
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args EndpointArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args EndpointArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args EndpointArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args EndpointArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args EndpointArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var azureEndpointResource = new Azure.PrivateLink.Endpoint("azureEndpointResource", new()
{
PrivateServiceConnection = new Azure.PrivateLink.Inputs.EndpointPrivateServiceConnectionArgs
{
IsManualConnection = false,
Name = "string",
PrivateConnectionResourceAlias = "string",
PrivateConnectionResourceId = "string",
PrivateIpAddress = "string",
RequestMessage = "string",
SubresourceNames = new[]
{
"string",
},
},
ResourceGroupName = "string",
SubnetId = "string",
CustomNetworkInterfaceName = "string",
IpConfigurations = new[]
{
new Azure.PrivateLink.Inputs.EndpointIpConfigurationArgs
{
Name = "string",
PrivateIpAddress = "string",
MemberName = "string",
SubresourceName = "string",
},
},
Location = "string",
Name = "string",
PrivateDnsZoneGroup = new Azure.PrivateLink.Inputs.EndpointPrivateDnsZoneGroupArgs
{
Name = "string",
PrivateDnsZoneIds = new[]
{
"string",
},
Id = "string",
},
Tags =
{
{ "string", "string" },
},
});
example, err := privatelink.NewEndpoint(ctx, "azureEndpointResource", &privatelink.EndpointArgs{
PrivateServiceConnection: &privatelink.EndpointPrivateServiceConnectionArgs{
IsManualConnection: pulumi.Bool(false),
Name: pulumi.String("string"),
PrivateConnectionResourceAlias: pulumi.String("string"),
PrivateConnectionResourceId: pulumi.String("string"),
PrivateIpAddress: pulumi.String("string"),
RequestMessage: pulumi.String("string"),
SubresourceNames: pulumi.StringArray{
pulumi.String("string"),
},
},
ResourceGroupName: pulumi.String("string"),
SubnetId: pulumi.String("string"),
CustomNetworkInterfaceName: pulumi.String("string"),
IpConfigurations: privatelink.EndpointIpConfigurationArray{
&privatelink.EndpointIpConfigurationArgs{
Name: pulumi.String("string"),
PrivateIpAddress: pulumi.String("string"),
MemberName: pulumi.String("string"),
SubresourceName: pulumi.String("string"),
},
},
Location: pulumi.String("string"),
Name: pulumi.String("string"),
PrivateDnsZoneGroup: &privatelink.EndpointPrivateDnsZoneGroupArgs{
Name: pulumi.String("string"),
PrivateDnsZoneIds: pulumi.StringArray{
pulumi.String("string"),
},
Id: pulumi.String("string"),
},
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
var azureEndpointResource = new Endpoint("azureEndpointResource", EndpointArgs.builder()
.privateServiceConnection(EndpointPrivateServiceConnectionArgs.builder()
.isManualConnection(false)
.name("string")
.privateConnectionResourceAlias("string")
.privateConnectionResourceId("string")
.privateIpAddress("string")
.requestMessage("string")
.subresourceNames("string")
.build())
.resourceGroupName("string")
.subnetId("string")
.customNetworkInterfaceName("string")
.ipConfigurations(EndpointIpConfigurationArgs.builder()
.name("string")
.privateIpAddress("string")
.memberName("string")
.subresourceName("string")
.build())
.location("string")
.name("string")
.privateDnsZoneGroup(EndpointPrivateDnsZoneGroupArgs.builder()
.name("string")
.privateDnsZoneIds("string")
.id("string")
.build())
.tags(Map.of("string", "string"))
.build());
azure_endpoint_resource = azure.privatelink.Endpoint("azureEndpointResource",
private_service_connection={
"is_manual_connection": False,
"name": "string",
"private_connection_resource_alias": "string",
"private_connection_resource_id": "string",
"private_ip_address": "string",
"request_message": "string",
"subresource_names": ["string"],
},
resource_group_name="string",
subnet_id="string",
custom_network_interface_name="string",
ip_configurations=[{
"name": "string",
"private_ip_address": "string",
"member_name": "string",
"subresource_name": "string",
}],
location="string",
name="string",
private_dns_zone_group={
"name": "string",
"private_dns_zone_ids": ["string"],
"id": "string",
},
tags={
"string": "string",
})
const azureEndpointResource = new azure.privatelink.Endpoint("azureEndpointResource", {
privateServiceConnection: {
isManualConnection: false,
name: "string",
privateConnectionResourceAlias: "string",
privateConnectionResourceId: "string",
privateIpAddress: "string",
requestMessage: "string",
subresourceNames: ["string"],
},
resourceGroupName: "string",
subnetId: "string",
customNetworkInterfaceName: "string",
ipConfigurations: [{
name: "string",
privateIpAddress: "string",
memberName: "string",
subresourceName: "string",
}],
location: "string",
name: "string",
privateDnsZoneGroup: {
name: "string",
privateDnsZoneIds: ["string"],
id: "string",
},
tags: {
string: "string",
},
});
type: azure:privatelink:Endpoint
properties:
customNetworkInterfaceName: string
ipConfigurations:
- memberName: string
name: string
privateIpAddress: string
subresourceName: string
location: string
name: string
privateDnsZoneGroup:
id: string
name: string
privateDnsZoneIds:
- string
privateServiceConnection:
isManualConnection: false
name: string
privateConnectionResourceAlias: string
privateConnectionResourceId: string
privateIpAddress: string
requestMessage: string
subresourceNames:
- string
resourceGroupName: string
subnetId: string
tags:
string: string
Endpoint Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Endpoint resource accepts the following input properties:
- Private
Service EndpointConnection Private Service Connection - A
private_service_connection
block as defined below. - Resource
Group stringName - Specifies the Name of the Resource Group within which the Private Endpoint should exist. Changing this forces a new resource to be created.
- Subnet
Id string - The ID of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.
- Custom
Network stringInterface Name - The custom name of the network interface attached to the private endpoint. Changing this forces a new resource to be created.
- Ip
Configurations List<EndpointIp Configuration> - One or more
ip_configuration
blocks as defined below. This allows a static IP address to be set for this Private Endpoint, otherwise an address is dynamically allocated from the Subnet. - Location string
- The supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Name string
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- Private
Dns EndpointZone Group Private Dns Zone Group - A
private_dns_zone_group
block as defined below. - Dictionary<string, string>
- A mapping of tags to assign to the resource.
- Private
Service EndpointConnection Private Service Connection Args - A
private_service_connection
block as defined below. - Resource
Group stringName - Specifies the Name of the Resource Group within which the Private Endpoint should exist. Changing this forces a new resource to be created.
- Subnet
Id string - The ID of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.
- Custom
Network stringInterface Name - The custom name of the network interface attached to the private endpoint. Changing this forces a new resource to be created.
- Ip
Configurations []EndpointIp Configuration Args - One or more
ip_configuration
blocks as defined below. This allows a static IP address to be set for this Private Endpoint, otherwise an address is dynamically allocated from the Subnet. - Location string
- The supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Name string
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- Private
Dns EndpointZone Group Private Dns Zone Group Args - A
private_dns_zone_group
block as defined below. - map[string]string
- A mapping of tags to assign to the resource.
- private
Service EndpointConnection Private Service Connection - A
private_service_connection
block as defined below. - resource
Group StringName - Specifies the Name of the Resource Group within which the Private Endpoint should exist. Changing this forces a new resource to be created.
- subnet
Id String - The ID of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.
- custom
Network StringInterface Name - The custom name of the network interface attached to the private endpoint. Changing this forces a new resource to be created.
- ip
Configurations List<EndpointIp Configuration> - One or more
ip_configuration
blocks as defined below. This allows a static IP address to be set for this Private Endpoint, otherwise an address is dynamically allocated from the Subnet. - location String
- The supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name String
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- private
Dns EndpointZone Group Private Dns Zone Group - A
private_dns_zone_group
block as defined below. - Map<String,String>
- A mapping of tags to assign to the resource.
- private
Service EndpointConnection Private Service Connection - A
private_service_connection
block as defined below. - resource
Group stringName - Specifies the Name of the Resource Group within which the Private Endpoint should exist. Changing this forces a new resource to be created.
- subnet
Id string - The ID of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.
- custom
Network stringInterface Name - The custom name of the network interface attached to the private endpoint. Changing this forces a new resource to be created.
- ip
Configurations EndpointIp Configuration[] - One or more
ip_configuration
blocks as defined below. This allows a static IP address to be set for this Private Endpoint, otherwise an address is dynamically allocated from the Subnet. - location string
- The supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name string
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- private
Dns EndpointZone Group Private Dns Zone Group - A
private_dns_zone_group
block as defined below. - {[key: string]: string}
- A mapping of tags to assign to the resource.
- private_
service_ Endpointconnection Private Service Connection Args - A
private_service_connection
block as defined below. - resource_
group_ strname - Specifies the Name of the Resource Group within which the Private Endpoint should exist. Changing this forces a new resource to be created.
- subnet_
id str - The ID of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.
- custom_
network_ strinterface_ name - The custom name of the network interface attached to the private endpoint. Changing this forces a new resource to be created.
- ip_
configurations Sequence[EndpointIp Configuration Args] - One or more
ip_configuration
blocks as defined below. This allows a static IP address to be set for this Private Endpoint, otherwise an address is dynamically allocated from the Subnet. - location str
- The supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name str
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- private_
dns_ Endpointzone_ group Private Dns Zone Group Args - A
private_dns_zone_group
block as defined below. - Mapping[str, str]
- A mapping of tags to assign to the resource.
- private
Service Property MapConnection - A
private_service_connection
block as defined below. - resource
Group StringName - Specifies the Name of the Resource Group within which the Private Endpoint should exist. Changing this forces a new resource to be created.
- subnet
Id String - The ID of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.
- custom
Network StringInterface Name - The custom name of the network interface attached to the private endpoint. Changing this forces a new resource to be created.
- ip
Configurations List<Property Map> - One or more
ip_configuration
blocks as defined below. This allows a static IP address to be set for this Private Endpoint, otherwise an address is dynamically allocated from the Subnet. - location String
- The supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name String
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- private
Dns Property MapZone Group - A
private_dns_zone_group
block as defined below. - Map<String>
- A mapping of tags to assign to the resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the Endpoint resource produces the following output properties:
- Custom
Dns List<EndpointConfigs Custom Dns Config> - A
custom_dns_configs
block as defined below. - Id string
- The provider-assigned unique ID for this managed resource.
- Network
Interfaces List<EndpointNetwork Interface> - A
network_interface
block as defined below. - Private
Dns List<EndpointZone Configs Private Dns Zone Config> - A
private_dns_zone_configs
block as defined below.
- Custom
Dns []EndpointConfigs Custom Dns Config - A
custom_dns_configs
block as defined below. - Id string
- The provider-assigned unique ID for this managed resource.
- Network
Interfaces []EndpointNetwork Interface - A
network_interface
block as defined below. - Private
Dns []EndpointZone Configs Private Dns Zone Config - A
private_dns_zone_configs
block as defined below.
- custom
Dns List<EndpointConfigs Custom Dns Config> - A
custom_dns_configs
block as defined below. - id String
- The provider-assigned unique ID for this managed resource.
- network
Interfaces List<EndpointNetwork Interface> - A
network_interface
block as defined below. - private
Dns List<EndpointZone Configs Private Dns Zone Config> - A
private_dns_zone_configs
block as defined below.
- custom
Dns EndpointConfigs Custom Dns Config[] - A
custom_dns_configs
block as defined below. - id string
- The provider-assigned unique ID for this managed resource.
- network
Interfaces EndpointNetwork Interface[] - A
network_interface
block as defined below. - private
Dns EndpointZone Configs Private Dns Zone Config[] - A
private_dns_zone_configs
block as defined below.
- custom_
dns_ Sequence[Endpointconfigs Custom Dns Config] - A
custom_dns_configs
block as defined below. - id str
- The provider-assigned unique ID for this managed resource.
- network_
interfaces Sequence[EndpointNetwork Interface] - A
network_interface
block as defined below. - private_
dns_ Sequence[Endpointzone_ configs Private Dns Zone Config] - A
private_dns_zone_configs
block as defined below.
- custom
Dns List<Property Map>Configs - A
custom_dns_configs
block as defined below. - id String
- The provider-assigned unique ID for this managed resource.
- network
Interfaces List<Property Map> - A
network_interface
block as defined below. - private
Dns List<Property Map>Zone Configs - A
private_dns_zone_configs
block as defined below.
Look up Existing Endpoint Resource
Get an existing Endpoint resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: EndpointState, opts?: CustomResourceOptions): Endpoint
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
custom_dns_configs: Optional[Sequence[EndpointCustomDnsConfigArgs]] = None,
custom_network_interface_name: Optional[str] = None,
ip_configurations: Optional[Sequence[EndpointIpConfigurationArgs]] = None,
location: Optional[str] = None,
name: Optional[str] = None,
network_interfaces: Optional[Sequence[EndpointNetworkInterfaceArgs]] = None,
private_dns_zone_configs: Optional[Sequence[EndpointPrivateDnsZoneConfigArgs]] = None,
private_dns_zone_group: Optional[EndpointPrivateDnsZoneGroupArgs] = None,
private_service_connection: Optional[EndpointPrivateServiceConnectionArgs] = None,
resource_group_name: Optional[str] = None,
subnet_id: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None) -> Endpoint
func GetEndpoint(ctx *Context, name string, id IDInput, state *EndpointState, opts ...ResourceOption) (*Endpoint, error)
public static Endpoint Get(string name, Input<string> id, EndpointState? state, CustomResourceOptions? opts = null)
public static Endpoint get(String name, Output<String> id, EndpointState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Custom
Dns List<EndpointConfigs Custom Dns Config> - A
custom_dns_configs
block as defined below. - Custom
Network stringInterface Name - The custom name of the network interface attached to the private endpoint. Changing this forces a new resource to be created.
- Ip
Configurations List<EndpointIp Configuration> - One or more
ip_configuration
blocks as defined below. This allows a static IP address to be set for this Private Endpoint, otherwise an address is dynamically allocated from the Subnet. - Location string
- The supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Name string
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- Network
Interfaces List<EndpointNetwork Interface> - A
network_interface
block as defined below. - Private
Dns List<EndpointZone Configs Private Dns Zone Config> - A
private_dns_zone_configs
block as defined below. - Private
Dns EndpointZone Group Private Dns Zone Group - A
private_dns_zone_group
block as defined below. - Private
Service EndpointConnection Private Service Connection - A
private_service_connection
block as defined below. - Resource
Group stringName - Specifies the Name of the Resource Group within which the Private Endpoint should exist. Changing this forces a new resource to be created.
- Subnet
Id string - The ID of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.
- Dictionary<string, string>
- A mapping of tags to assign to the resource.
- Custom
Dns []EndpointConfigs Custom Dns Config Args - A
custom_dns_configs
block as defined below. - Custom
Network stringInterface Name - The custom name of the network interface attached to the private endpoint. Changing this forces a new resource to be created.
- Ip
Configurations []EndpointIp Configuration Args - One or more
ip_configuration
blocks as defined below. This allows a static IP address to be set for this Private Endpoint, otherwise an address is dynamically allocated from the Subnet. - Location string
- The supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Name string
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- Network
Interfaces []EndpointNetwork Interface Args - A
network_interface
block as defined below. - Private
Dns []EndpointZone Configs Private Dns Zone Config Args - A
private_dns_zone_configs
block as defined below. - Private
Dns EndpointZone Group Private Dns Zone Group Args - A
private_dns_zone_group
block as defined below. - Private
Service EndpointConnection Private Service Connection Args - A
private_service_connection
block as defined below. - Resource
Group stringName - Specifies the Name of the Resource Group within which the Private Endpoint should exist. Changing this forces a new resource to be created.
- Subnet
Id string - The ID of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.
- map[string]string
- A mapping of tags to assign to the resource.
- custom
Dns List<EndpointConfigs Custom Dns Config> - A
custom_dns_configs
block as defined below. - custom
Network StringInterface Name - The custom name of the network interface attached to the private endpoint. Changing this forces a new resource to be created.
- ip
Configurations List<EndpointIp Configuration> - One or more
ip_configuration
blocks as defined below. This allows a static IP address to be set for this Private Endpoint, otherwise an address is dynamically allocated from the Subnet. - location String
- The supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name String
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- network
Interfaces List<EndpointNetwork Interface> - A
network_interface
block as defined below. - private
Dns List<EndpointZone Configs Private Dns Zone Config> - A
private_dns_zone_configs
block as defined below. - private
Dns EndpointZone Group Private Dns Zone Group - A
private_dns_zone_group
block as defined below. - private
Service EndpointConnection Private Service Connection - A
private_service_connection
block as defined below. - resource
Group StringName - Specifies the Name of the Resource Group within which the Private Endpoint should exist. Changing this forces a new resource to be created.
- subnet
Id String - The ID of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.
- Map<String,String>
- A mapping of tags to assign to the resource.
- custom
Dns EndpointConfigs Custom Dns Config[] - A
custom_dns_configs
block as defined below. - custom
Network stringInterface Name - The custom name of the network interface attached to the private endpoint. Changing this forces a new resource to be created.
- ip
Configurations EndpointIp Configuration[] - One or more
ip_configuration
blocks as defined below. This allows a static IP address to be set for this Private Endpoint, otherwise an address is dynamically allocated from the Subnet. - location string
- The supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name string
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- network
Interfaces EndpointNetwork Interface[] - A
network_interface
block as defined below. - private
Dns EndpointZone Configs Private Dns Zone Config[] - A
private_dns_zone_configs
block as defined below. - private
Dns EndpointZone Group Private Dns Zone Group - A
private_dns_zone_group
block as defined below. - private
Service EndpointConnection Private Service Connection - A
private_service_connection
block as defined below. - resource
Group stringName - Specifies the Name of the Resource Group within which the Private Endpoint should exist. Changing this forces a new resource to be created.
- subnet
Id string - The ID of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.
- {[key: string]: string}
- A mapping of tags to assign to the resource.
- custom_
dns_ Sequence[Endpointconfigs Custom Dns Config Args] - A
custom_dns_configs
block as defined below. - custom_
network_ strinterface_ name - The custom name of the network interface attached to the private endpoint. Changing this forces a new resource to be created.
- ip_
configurations Sequence[EndpointIp Configuration Args] - One or more
ip_configuration
blocks as defined below. This allows a static IP address to be set for this Private Endpoint, otherwise an address is dynamically allocated from the Subnet. - location str
- The supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name str
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- network_
interfaces Sequence[EndpointNetwork Interface Args] - A
network_interface
block as defined below. - private_
dns_ Sequence[Endpointzone_ configs Private Dns Zone Config Args] - A
private_dns_zone_configs
block as defined below. - private_
dns_ Endpointzone_ group Private Dns Zone Group Args - A
private_dns_zone_group
block as defined below. - private_
service_ Endpointconnection Private Service Connection Args - A
private_service_connection
block as defined below. - resource_
group_ strname - Specifies the Name of the Resource Group within which the Private Endpoint should exist. Changing this forces a new resource to be created.
- subnet_
id str - The ID of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.
- Mapping[str, str]
- A mapping of tags to assign to the resource.
- custom
Dns List<Property Map>Configs - A
custom_dns_configs
block as defined below. - custom
Network StringInterface Name - The custom name of the network interface attached to the private endpoint. Changing this forces a new resource to be created.
- ip
Configurations List<Property Map> - One or more
ip_configuration
blocks as defined below. This allows a static IP address to be set for this Private Endpoint, otherwise an address is dynamically allocated from the Subnet. - location String
- The supported Azure location where the resource exists. Changing this forces a new resource to be created.
- name String
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- network
Interfaces List<Property Map> - A
network_interface
block as defined below. - private
Dns List<Property Map>Zone Configs - A
private_dns_zone_configs
block as defined below. - private
Dns Property MapZone Group - A
private_dns_zone_group
block as defined below. - private
Service Property MapConnection - A
private_service_connection
block as defined below. - resource
Group StringName - Specifies the Name of the Resource Group within which the Private Endpoint should exist. Changing this forces a new resource to be created.
- subnet
Id String - The ID of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.
- Map<String>
- A mapping of tags to assign to the resource.
Supporting Types
EndpointCustomDnsConfig, EndpointCustomDnsConfigArgs
- Fqdn string
- The fully qualified domain name to the
private_dns_zone
. - Ip
Addresses List<string> - A list of all IP Addresses that map to the
private_dns_zone
fqdn.
- Fqdn string
- The fully qualified domain name to the
private_dns_zone
. - Ip
Addresses []string - A list of all IP Addresses that map to the
private_dns_zone
fqdn.
- fqdn String
- The fully qualified domain name to the
private_dns_zone
. - ip
Addresses List<String> - A list of all IP Addresses that map to the
private_dns_zone
fqdn.
- fqdn string
- The fully qualified domain name to the
private_dns_zone
. - ip
Addresses string[] - A list of all IP Addresses that map to the
private_dns_zone
fqdn.
- fqdn str
- The fully qualified domain name to the
private_dns_zone
. - ip_
addresses Sequence[str] - A list of all IP Addresses that map to the
private_dns_zone
fqdn.
- fqdn String
- The fully qualified domain name to the
private_dns_zone
. - ip
Addresses List<String> - A list of all IP Addresses that map to the
private_dns_zone
fqdn.
EndpointIpConfiguration, EndpointIpConfigurationArgs
- Name string
- Specifies the Name of the IP Configuration. Changing this forces a new resource to be created.
- Private
Ip stringAddress - Specifies the static IP address within the private endpoint's subnet to be used. Changing this forces a new resource to be created.
- Member
Name string Specifies the member name this IP address applies to. If it is not specified, it will use the value of
subresource_name
. Changing this forces a new resource to be created.NOTE:
member_name
will be required and will not take the value ofsubresource_name
in the next major version.- Subresource
Name string - Specifies the subresource this IP address applies to.
subresource_names
corresponds togroup_id
. Changing this forces a new resource to be created.
- Name string
- Specifies the Name of the IP Configuration. Changing this forces a new resource to be created.
- Private
Ip stringAddress - Specifies the static IP address within the private endpoint's subnet to be used. Changing this forces a new resource to be created.
- Member
Name string Specifies the member name this IP address applies to. If it is not specified, it will use the value of
subresource_name
. Changing this forces a new resource to be created.NOTE:
member_name
will be required and will not take the value ofsubresource_name
in the next major version.- Subresource
Name string - Specifies the subresource this IP address applies to.
subresource_names
corresponds togroup_id
. Changing this forces a new resource to be created.
- name String
- Specifies the Name of the IP Configuration. Changing this forces a new resource to be created.
- private
Ip StringAddress - Specifies the static IP address within the private endpoint's subnet to be used. Changing this forces a new resource to be created.
- member
Name String Specifies the member name this IP address applies to. If it is not specified, it will use the value of
subresource_name
. Changing this forces a new resource to be created.NOTE:
member_name
will be required and will not take the value ofsubresource_name
in the next major version.- subresource
Name String - Specifies the subresource this IP address applies to.
subresource_names
corresponds togroup_id
. Changing this forces a new resource to be created.
- name string
- Specifies the Name of the IP Configuration. Changing this forces a new resource to be created.
- private
Ip stringAddress - Specifies the static IP address within the private endpoint's subnet to be used. Changing this forces a new resource to be created.
- member
Name string Specifies the member name this IP address applies to. If it is not specified, it will use the value of
subresource_name
. Changing this forces a new resource to be created.NOTE:
member_name
will be required and will not take the value ofsubresource_name
in the next major version.- subresource
Name string - Specifies the subresource this IP address applies to.
subresource_names
corresponds togroup_id
. Changing this forces a new resource to be created.
- name str
- Specifies the Name of the IP Configuration. Changing this forces a new resource to be created.
- private_
ip_ straddress - Specifies the static IP address within the private endpoint's subnet to be used. Changing this forces a new resource to be created.
- member_
name str Specifies the member name this IP address applies to. If it is not specified, it will use the value of
subresource_name
. Changing this forces a new resource to be created.NOTE:
member_name
will be required and will not take the value ofsubresource_name
in the next major version.- subresource_
name str - Specifies the subresource this IP address applies to.
subresource_names
corresponds togroup_id
. Changing this forces a new resource to be created.
- name String
- Specifies the Name of the IP Configuration. Changing this forces a new resource to be created.
- private
Ip StringAddress - Specifies the static IP address within the private endpoint's subnet to be used. Changing this forces a new resource to be created.
- member
Name String Specifies the member name this IP address applies to. If it is not specified, it will use the value of
subresource_name
. Changing this forces a new resource to be created.NOTE:
member_name
will be required and will not take the value ofsubresource_name
in the next major version.- subresource
Name String - Specifies the subresource this IP address applies to.
subresource_names
corresponds togroup_id
. Changing this forces a new resource to be created.
EndpointNetworkInterface, EndpointNetworkInterfaceArgs
EndpointPrivateDnsZoneConfig, EndpointPrivateDnsZoneConfigArgs
- Id string
- The ID of the Private DNS Zone Config.
- Name string
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- Private
Dns stringZone Id - A list of IP Addresses
- Record
Sets List<EndpointPrivate Dns Zone Config Record Set> - A
record_sets
block as defined below.
- Id string
- The ID of the Private DNS Zone Config.
- Name string
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- Private
Dns stringZone Id - A list of IP Addresses
- Record
Sets []EndpointPrivate Dns Zone Config Record Set - A
record_sets
block as defined below.
- id String
- The ID of the Private DNS Zone Config.
- name String
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- private
Dns StringZone Id - A list of IP Addresses
- record
Sets List<EndpointPrivate Dns Zone Config Record Set> - A
record_sets
block as defined below.
- id string
- The ID of the Private DNS Zone Config.
- name string
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- private
Dns stringZone Id - A list of IP Addresses
- record
Sets EndpointPrivate Dns Zone Config Record Set[] - A
record_sets
block as defined below.
- id str
- The ID of the Private DNS Zone Config.
- name str
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- private_
dns_ strzone_ id - A list of IP Addresses
- record_
sets Sequence[EndpointPrivate Dns Zone Config Record Set] - A
record_sets
block as defined below.
- id String
- The ID of the Private DNS Zone Config.
- name String
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- private
Dns StringZone Id - A list of IP Addresses
- record
Sets List<Property Map> - A
record_sets
block as defined below.
EndpointPrivateDnsZoneConfigRecordSet, EndpointPrivateDnsZoneConfigRecordSetArgs
- Fqdn string
- The fully qualified domain name to the
private_dns_zone
. - Ip
Addresses List<string> - A list of all IP Addresses that map to the
private_dns_zone
fqdn. - Name string
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- Ttl int
- The time to live for each connection to the
private_dns_zone
. - Type string
- The type of DNS record.
- Fqdn string
- The fully qualified domain name to the
private_dns_zone
. - Ip
Addresses []string - A list of all IP Addresses that map to the
private_dns_zone
fqdn. - Name string
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- Ttl int
- The time to live for each connection to the
private_dns_zone
. - Type string
- The type of DNS record.
- fqdn String
- The fully qualified domain name to the
private_dns_zone
. - ip
Addresses List<String> - A list of all IP Addresses that map to the
private_dns_zone
fqdn. - name String
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- ttl Integer
- The time to live for each connection to the
private_dns_zone
. - type String
- The type of DNS record.
- fqdn string
- The fully qualified domain name to the
private_dns_zone
. - ip
Addresses string[] - A list of all IP Addresses that map to the
private_dns_zone
fqdn. - name string
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- ttl number
- The time to live for each connection to the
private_dns_zone
. - type string
- The type of DNS record.
- fqdn str
- The fully qualified domain name to the
private_dns_zone
. - ip_
addresses Sequence[str] - A list of all IP Addresses that map to the
private_dns_zone
fqdn. - name str
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- ttl int
- The time to live for each connection to the
private_dns_zone
. - type str
- The type of DNS record.
- fqdn String
- The fully qualified domain name to the
private_dns_zone
. - ip
Addresses List<String> - A list of all IP Addresses that map to the
private_dns_zone
fqdn. - name String
- Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- ttl Number
- The time to live for each connection to the
private_dns_zone
. - type String
- The type of DNS record.
EndpointPrivateDnsZoneGroup, EndpointPrivateDnsZoneGroupArgs
- Name string
- Specifies the Name of the Private DNS Zone Group.
- Private
Dns List<string>Zone Ids - Specifies the list of Private DNS Zones to include within the
private_dns_zone_group
. - Id string
- The ID of the Private DNS Zone Config.
- Name string
- Specifies the Name of the Private DNS Zone Group.
- Private
Dns []stringZone Ids - Specifies the list of Private DNS Zones to include within the
private_dns_zone_group
. - Id string
- The ID of the Private DNS Zone Config.
- name String
- Specifies the Name of the Private DNS Zone Group.
- private
Dns List<String>Zone Ids - Specifies the list of Private DNS Zones to include within the
private_dns_zone_group
. - id String
- The ID of the Private DNS Zone Config.
- name string
- Specifies the Name of the Private DNS Zone Group.
- private
Dns string[]Zone Ids - Specifies the list of Private DNS Zones to include within the
private_dns_zone_group
. - id string
- The ID of the Private DNS Zone Config.
- name str
- Specifies the Name of the Private DNS Zone Group.
- private_
dns_ Sequence[str]zone_ ids - Specifies the list of Private DNS Zones to include within the
private_dns_zone_group
. - id str
- The ID of the Private DNS Zone Config.
- name String
- Specifies the Name of the Private DNS Zone Group.
- private
Dns List<String>Zone Ids - Specifies the list of Private DNS Zones to include within the
private_dns_zone_group
. - id String
- The ID of the Private DNS Zone Config.
EndpointPrivateServiceConnection, EndpointPrivateServiceConnectionArgs
- Is
Manual boolConnection Does the Private Endpoint require Manual Approval from the remote resource owner? Changing this forces a new resource to be created.
NOTE: If you are trying to connect the Private Endpoint to a remote resource without having the correct RBAC permissions on the remote resource set this value to
true
.- Name string
- Specifies the Name of the Private Service Connection. Changing this forces a new resource to be created.
- Private
Connection stringResource Alias - The Service Alias of the Private Link Enabled Remote Resource which this Private Endpoint should be connected to. One of
private_connection_resource_id
orprivate_connection_resource_alias
must be specified. Changing this forces a new resource to be created. - Private
Connection stringResource Id - The ID of the Private Link Enabled Remote Resource which this Private Endpoint should be connected to. One of
private_connection_resource_id
orprivate_connection_resource_alias
must be specified. Changing this forces a new resource to be created. For a web app or function app slot, the parent web app should be used in this field instead of a reference to the slot itself. - Private
Ip stringAddress - (Required) The static IP address set by this configuration. It is recommended to use the private IP address exported in the
private_service_connection
block to obtain the address associated with the private endpoint. - Request
Message string A message passed to the owner of the remote resource when the private endpoint attempts to establish the connection to the remote resource. The provider allows a maximum request message length of
140
characters, however the request message maximum length is dependent on the service the private endpoint is connected to. Only valid ifis_manual_connection
is set totrue
.NOTE: When connected to an SQL resource the
request_message
maximum length is128
.- Subresource
Names List<string> A list of subresource names which the Private Endpoint is able to connect to.
subresource_names
corresponds togroup_id
. Possible values are detailed in the product documentation in theSubresources
column. Changing this forces a new resource to be created.NOTE: Some resource types (such as Storage Account) only support 1 subresource per private endpoint.
NOTE: For most Private Links one or more
subresource_names
will need to be specified, please see the linked documentation for details.
- Is
Manual boolConnection Does the Private Endpoint require Manual Approval from the remote resource owner? Changing this forces a new resource to be created.
NOTE: If you are trying to connect the Private Endpoint to a remote resource without having the correct RBAC permissions on the remote resource set this value to
true
.- Name string
- Specifies the Name of the Private Service Connection. Changing this forces a new resource to be created.
- Private
Connection stringResource Alias - The Service Alias of the Private Link Enabled Remote Resource which this Private Endpoint should be connected to. One of
private_connection_resource_id
orprivate_connection_resource_alias
must be specified. Changing this forces a new resource to be created. - Private
Connection stringResource Id - The ID of the Private Link Enabled Remote Resource which this Private Endpoint should be connected to. One of
private_connection_resource_id
orprivate_connection_resource_alias
must be specified. Changing this forces a new resource to be created. For a web app or function app slot, the parent web app should be used in this field instead of a reference to the slot itself. - Private
Ip stringAddress - (Required) The static IP address set by this configuration. It is recommended to use the private IP address exported in the
private_service_connection
block to obtain the address associated with the private endpoint. - Request
Message string A message passed to the owner of the remote resource when the private endpoint attempts to establish the connection to the remote resource. The provider allows a maximum request message length of
140
characters, however the request message maximum length is dependent on the service the private endpoint is connected to. Only valid ifis_manual_connection
is set totrue
.NOTE: When connected to an SQL resource the
request_message
maximum length is128
.- Subresource
Names []string A list of subresource names which the Private Endpoint is able to connect to.
subresource_names
corresponds togroup_id
. Possible values are detailed in the product documentation in theSubresources
column. Changing this forces a new resource to be created.NOTE: Some resource types (such as Storage Account) only support 1 subresource per private endpoint.
NOTE: For most Private Links one or more
subresource_names
will need to be specified, please see the linked documentation for details.
- is
Manual BooleanConnection Does the Private Endpoint require Manual Approval from the remote resource owner? Changing this forces a new resource to be created.
NOTE: If you are trying to connect the Private Endpoint to a remote resource without having the correct RBAC permissions on the remote resource set this value to
true
.- name String
- Specifies the Name of the Private Service Connection. Changing this forces a new resource to be created.
- private
Connection StringResource Alias - The Service Alias of the Private Link Enabled Remote Resource which this Private Endpoint should be connected to. One of
private_connection_resource_id
orprivate_connection_resource_alias
must be specified. Changing this forces a new resource to be created. - private
Connection StringResource Id - The ID of the Private Link Enabled Remote Resource which this Private Endpoint should be connected to. One of
private_connection_resource_id
orprivate_connection_resource_alias
must be specified. Changing this forces a new resource to be created. For a web app or function app slot, the parent web app should be used in this field instead of a reference to the slot itself. - private
Ip StringAddress - (Required) The static IP address set by this configuration. It is recommended to use the private IP address exported in the
private_service_connection
block to obtain the address associated with the private endpoint. - request
Message String A message passed to the owner of the remote resource when the private endpoint attempts to establish the connection to the remote resource. The provider allows a maximum request message length of
140
characters, however the request message maximum length is dependent on the service the private endpoint is connected to. Only valid ifis_manual_connection
is set totrue
.NOTE: When connected to an SQL resource the
request_message
maximum length is128
.- subresource
Names List<String> A list of subresource names which the Private Endpoint is able to connect to.
subresource_names
corresponds togroup_id
. Possible values are detailed in the product documentation in theSubresources
column. Changing this forces a new resource to be created.NOTE: Some resource types (such as Storage Account) only support 1 subresource per private endpoint.
NOTE: For most Private Links one or more
subresource_names
will need to be specified, please see the linked documentation for details.
- is
Manual booleanConnection Does the Private Endpoint require Manual Approval from the remote resource owner? Changing this forces a new resource to be created.
NOTE: If you are trying to connect the Private Endpoint to a remote resource without having the correct RBAC permissions on the remote resource set this value to
true
.- name string
- Specifies the Name of the Private Service Connection. Changing this forces a new resource to be created.
- private
Connection stringResource Alias - The Service Alias of the Private Link Enabled Remote Resource which this Private Endpoint should be connected to. One of
private_connection_resource_id
orprivate_connection_resource_alias
must be specified. Changing this forces a new resource to be created. - private
Connection stringResource Id - The ID of the Private Link Enabled Remote Resource which this Private Endpoint should be connected to. One of
private_connection_resource_id
orprivate_connection_resource_alias
must be specified. Changing this forces a new resource to be created. For a web app or function app slot, the parent web app should be used in this field instead of a reference to the slot itself. - private
Ip stringAddress - (Required) The static IP address set by this configuration. It is recommended to use the private IP address exported in the
private_service_connection
block to obtain the address associated with the private endpoint. - request
Message string A message passed to the owner of the remote resource when the private endpoint attempts to establish the connection to the remote resource. The provider allows a maximum request message length of
140
characters, however the request message maximum length is dependent on the service the private endpoint is connected to. Only valid ifis_manual_connection
is set totrue
.NOTE: When connected to an SQL resource the
request_message
maximum length is128
.- subresource
Names string[] A list of subresource names which the Private Endpoint is able to connect to.
subresource_names
corresponds togroup_id
. Possible values are detailed in the product documentation in theSubresources
column. Changing this forces a new resource to be created.NOTE: Some resource types (such as Storage Account) only support 1 subresource per private endpoint.
NOTE: For most Private Links one or more
subresource_names
will need to be specified, please see the linked documentation for details.
- is_
manual_ boolconnection Does the Private Endpoint require Manual Approval from the remote resource owner? Changing this forces a new resource to be created.
NOTE: If you are trying to connect the Private Endpoint to a remote resource without having the correct RBAC permissions on the remote resource set this value to
true
.- name str
- Specifies the Name of the Private Service Connection. Changing this forces a new resource to be created.
- private_
connection_ strresource_ alias - The Service Alias of the Private Link Enabled Remote Resource which this Private Endpoint should be connected to. One of
private_connection_resource_id
orprivate_connection_resource_alias
must be specified. Changing this forces a new resource to be created. - private_
connection_ strresource_ id - The ID of the Private Link Enabled Remote Resource which this Private Endpoint should be connected to. One of
private_connection_resource_id
orprivate_connection_resource_alias
must be specified. Changing this forces a new resource to be created. For a web app or function app slot, the parent web app should be used in this field instead of a reference to the slot itself. - private_
ip_ straddress - (Required) The static IP address set by this configuration. It is recommended to use the private IP address exported in the
private_service_connection
block to obtain the address associated with the private endpoint. - request_
message str A message passed to the owner of the remote resource when the private endpoint attempts to establish the connection to the remote resource. The provider allows a maximum request message length of
140
characters, however the request message maximum length is dependent on the service the private endpoint is connected to. Only valid ifis_manual_connection
is set totrue
.NOTE: When connected to an SQL resource the
request_message
maximum length is128
.- subresource_
names Sequence[str] A list of subresource names which the Private Endpoint is able to connect to.
subresource_names
corresponds togroup_id
. Possible values are detailed in the product documentation in theSubresources
column. Changing this forces a new resource to be created.NOTE: Some resource types (such as Storage Account) only support 1 subresource per private endpoint.
NOTE: For most Private Links one or more
subresource_names
will need to be specified, please see the linked documentation for details.
- is
Manual BooleanConnection Does the Private Endpoint require Manual Approval from the remote resource owner? Changing this forces a new resource to be created.
NOTE: If you are trying to connect the Private Endpoint to a remote resource without having the correct RBAC permissions on the remote resource set this value to
true
.- name String
- Specifies the Name of the Private Service Connection. Changing this forces a new resource to be created.
- private
Connection StringResource Alias - The Service Alias of the Private Link Enabled Remote Resource which this Private Endpoint should be connected to. One of
private_connection_resource_id
orprivate_connection_resource_alias
must be specified. Changing this forces a new resource to be created. - private
Connection StringResource Id - The ID of the Private Link Enabled Remote Resource which this Private Endpoint should be connected to. One of
private_connection_resource_id
orprivate_connection_resource_alias
must be specified. Changing this forces a new resource to be created. For a web app or function app slot, the parent web app should be used in this field instead of a reference to the slot itself. - private
Ip StringAddress - (Required) The static IP address set by this configuration. It is recommended to use the private IP address exported in the
private_service_connection
block to obtain the address associated with the private endpoint. - request
Message String A message passed to the owner of the remote resource when the private endpoint attempts to establish the connection to the remote resource. The provider allows a maximum request message length of
140
characters, however the request message maximum length is dependent on the service the private endpoint is connected to. Only valid ifis_manual_connection
is set totrue
.NOTE: When connected to an SQL resource the
request_message
maximum length is128
.- subresource
Names List<String> A list of subresource names which the Private Endpoint is able to connect to.
subresource_names
corresponds togroup_id
. Possible values are detailed in the product documentation in theSubresources
column. Changing this forces a new resource to be created.NOTE: Some resource types (such as Storage Account) only support 1 subresource per private endpoint.
NOTE: For most Private Links one or more
subresource_names
will need to be specified, please see the linked documentation for details.
Import
Private Endpoints can be imported using the resource id
, e.g.
$ pulumi import azure:privatelink/endpoint:Endpoint example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Network/privateEndpoints/endpoint1
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurerm
Terraform Provider.