Private Endpoint
Create a Private Endpoint
A private endpoint is a network interface that connects you privately and securely to a service powered by Azure Private Link. The example below creates private endpoints that provide a private connection to both an Automation Account and a Storage Account. The aa_Webhook private endpoint also shows how to optionally associate a private endpoint with a private DNS zone using a private DNS zone group. Note that creating a private endpoint does not by itself close the target service's public endpoint; public access is controlled separately on the resource (see `public_network_access_enabled` on the storage account below).
// Storage account that the "sa_diagsaphdev" private endpoint connects to.
storage_accounts = {
  "diagsaphdev" = {
    resource_group = "hsw"

    // NOTE(review): the public endpoint stays reachable with this set to true;
    // the private endpoint adds a private path but does not remove the public
    // one. Set to false (or restrict with network rules) once every client
    // reaches the account through the private endpoint.
    public_network_access_enabled = true

    // Shared Key authorization is turned off for this account.
    // NOTE(review): presumably callers then authenticate with Microsoft Entra ID;
    // confirm the provider and any consumers are configured for that.
    shared_access_key_enabled = false
  }
}
// Automation Account targeted by the "aa_Webhook" and "aa_DSCAndHybridWorker"
// private endpoints.
automation_account = {
  sapphireautomationdev = {
    resource_group = "hsw"
    sku            = "Basic"

    // System-assigned managed identity; no user-assigned identities are listed.
    identity = {
      type = "SystemAssigned"
    }

    // NOTE(review): no public network access setting is shown for this account.
    // Check whether the module exposes one, otherwise the account's public
    // endpoint presumably remains open alongside the private endpoints.
  }
}
// Private DNS zone referenced by the zone group on the "aa_Webhook" endpoint.
// NOTE(review): "sapphire.dev" is a custom zone name. Clients that resolve the
// service's normal hostname only get the private IP when the record lives in
// the service's privatelink zone (for example privatelink.azure-automation.net
// for Automation, privatelink.file.core.windows.net for Azure Files). Confirm
// that resolution through this zone reaches the private endpoint as intended.
private_dns_zones = {
  "sapphire.dev" = {
    resource_group = "hsw"
  }
}
// Private endpoints, one per target subresource. Each entry names the resource
// group, the subnet that hosts the endpoint's network interface, and the
// resource and subresource it connects to.
// NOTE(review): "hsw.hsw" presumably means <virtual network>.<subnet>; confirm
// against the module's variable description.
private_endpoints = {
  // Automation Account, "Webhook" subresource.
  aa_Webhook = {
    resource_group = "hsw"
    subnet         = "hsw.hsw"

    private_service_connection = {
      private_connection_resource_type = "automation_account"
      private_connection_resource      = "sapphireautomationdev"
      subresource_names                = ["Webhook"]
    }

    // Optional: associate the endpoint with a private DNS zone.
    private_dns_zone_group = {
      private_dns_zones = ["sapphire.dev"]
    }
  }

  // Automation Account, "DSCAndHybridWorker" subresource.
  // NOTE(review): no private_dns_zone_group here. Unless DNS is handled
  // elsewhere, clients may keep resolving the public address and bypass this
  // endpoint.
  aa_DSCAndHybridWorker = {
    resource_group = "hsw"
    subnet         = "hsw.hsw"

    private_service_connection = {
      private_connection_resource_type = "automation_account"
      private_connection_resource      = "sapphireautomationdev"
      subresource_names                = ["DSCAndHybridWorker"]
    }
  }

  // Storage account, "file" subresource only. The account's other services get
  // no private endpoint from this entry.
  // NOTE(review): no private_dns_zone_group here either; the same DNS caveat
  // applies.
  sa_diagsaphdev = {
    resource_group = "hsw"
    subnet         = "hsw.hsw"

    private_service_connection = {
      private_connection_resource_type = "storage_account"
      private_connection_resource      = "diagsaphdev"
      subresource_names                = ["file"]
    }
  }
}