Reputation: 55
Azure Private Endpoint with custom DNS
I have:
Azure Storage Account - storage1.
Azure Private DNS zone - privatelink.blob.core.windows.net.
I create a new Private Endpoint for storage1 - storage1-pep.
I open storage1-pep and go to DNS Configuration section.
DNS Config shows FQDN as storage1.privatelink.blob.core.windows.net.
How to create endpoint with custom FQDN like - my-super-storage.privatelink.blob.core.windows.net.
I know its possible as I see other Storage account configured like this but not sure how to replicate this. That custom FQDN was created by private endpoint as DNS record's metadata in the zone shows - created by private endpoint.
Thanks
Upvotes: 0
Views: 787
Answers (1)
Reputation: 7614
As suggested in the comments, you cannot create a Private DNS FQDN with a custom name like storage1.privatelink.blob.core.windows.net from portal while creating the PE .
Instead of creating it manually, you can use the PowerShell script below to create a private endpoint and attach the DNS zone to the endpoint with a custom A record with my-super-storage.privatelink.blob.core.windows.net
You can refer to the Private Endpoint DNS Zone for the storage account here.
$resourceGroupName = "RG-Name"
$storageAccountName = "venaktstoragetest"
$privateEndpointName = "storage-pep"
$privateDNSZoneName = "privatelink.blob.core.windows.net"
$customDNSName = "my-super-storage"
$vnetname = "vvvvvvvvvv-vnet"
$location = "northeurope"
$storage = Get-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccountName
$virtualNetwork = Get-AzVirtualNetwork -ResourceName $vnetname -ResourceGroupName $resourceGroupName
$subnet = $virtualNetwork | Select-Object -ExpandProperty subnets | Where-Object Name -eq 'Storage-subnet'
$virtuallink = New-AzPrivateLinkServiceConnection -Name $privateEndpointName -PrivateLinkServiceId $storage.Id -GroupId "blob"
$privateEndpoint = New-AzPrivateEndpoint -Name $privateEndpointName -ResourceGroupName $resourceGroupName -Location $location -PrivateLinkServiceConnection $virtuallink -Subnet $subnet
$privateIPAddress = $privateEndpoint.CustomDnsConfigs[0].IpAddresses[0]
$Link = New-AzPrivateDnsVirtualNetworkLink -ZoneName $privateDNSZoneName -ResourceGroupName $resourceGroupName -Name "mylink" -VirtualNetworkId $virtualNetwork.Id -EnableRegistration
$Records = @()
$Records += New-AzPrivateDnsRecordConfig -IPv4Address $privateIPAddress
$RecordSet = New-AzPrivateDnsRecordSet -Name "$customDNSName.$privateDNSZoneName" -RecordType A -ResourceGroupName $resourceGroupName -TTL 3600 -ZoneName $privateDNSZoneName -PrivateDnsRecords $Records
Write-Output "Private Endpoint '$privateEndpointName' and DNS record '$customDNSName.$privateDNSZoneName' created successfully."
Output:
Portal Result
Upvotes: 1
Related Questions
- Access Azure Private Endpoint from on-premise
- Registering a private endpoint in Azure private DNS automatically using Terraform
- Azure Files with Private Endpoint over Azure VPN
- Resolving DNS names for Azure private endpoint of another company, when using private endpoint ourselves
- Azure DNS Zone: What should I do so that my custom DNS will be used instead of the Azure DNS with IP address 168.63.129.16?
- Is there a way to prefer Azure Service Endpoint over Private Endpoint?
- Azure Postgres Private endpoint not working with dns name
- Azure SQL Database Private Endpoint DNS and AD/AAD Configuration