storage account with multiple private service connections (private endpoints)

Pierre Beauvois 20 Reputation points
2024-07-17T12:10:20.7766667+00:00

Hello Community,

I have storage accounts and I am trying to attach multiple private endpoints to them. Everything is deployed using Terraform.

What is currently blocking me is that it seems the private endpoint creation cannot contain more than one private_service_connection block. In fact, if I define a dynamic block like

  dynamic "private_service_connection" {
    for_each = var.azurerm_private_endpoint_private_service_connection_resource_id
    content {
      name                           = var.azurerm_private_endpoint_private_service_connection_name
      private_connection_resource_id = private_service_connection.value
      subresource_names              = var.azurerm_private_endpoint_private_service_subresource_names
      is_manual_connection           = false
    }
  }

I end up with an error stating that no more than one block is allowed.

│ Error: Too many private_service_connection blocks
│
│   on .terraform/modules/databricks_catalog.azure_private_endpoint_catalog/private-endpoint.tf line 15, in resource "azurerm_private_endpoint" "databricks_storage_account":
│   15:     content {
│
│ No more than 1 "private_service_connection" blocks are allowed

I looked into the documentation but cannot find an answer to my blocker.

Am I missing something? How can I link one storage account with multiple private endpoints? Is it possible?

Thank you in advance for the replies.


Accepted answer
  1. KarishmaTiwari-MSFT 19,537 Reputation points Microsoft Employee
    2024-07-18T23:02:03.8933333+00:00

    @Pierre Beauvois In my understanding, each Azure Storage Account can indeed have multiple private endpoints, but the Terraform provider for Azure (azurerm) imposes certain limitations and requirements when defining these configurations.

    The error you're encountering is due to Terraform's restriction on the azurerm_private_endpoint resource, which allows only one private_service_connection block per resource instance.

    To attach multiple private endpoints to your Azure Storage Account using Terraform, you would need to define multiple instances of azurerm_private_endpoint resources, each representing a separate private endpoint connection.

    Each private endpoint configuration is treated as a separate instance of azurerm_private_endpoint, avoiding the limitation of one private_service_connection block per resource instance.
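
The approach described in the accepted answer, as an added example that is not part of the original answer or the poster's module: `for_each` moves from the nested block up to the `azurerm_private_endpoint` resource, so each instance carries exactly one `private_service_connection`. The variable names and the `pe-`/`psc-` naming prefixes are assumptions made for illustration.

```hcl
terraform {
  required_providers {
    azurerm = { source = "hashicorp/azurerm" }
  }
}

provider "azurerm" {
  features {}
}

# Hypothetical inputs (not from the original module)
variable "location"            { type = string }
variable "resource_group_name" { type = string }
variable "subnet_id"           { type = string }

# One map entry per private endpoint: the target storage account and the
# single sub-resource (for example "blob" or "dfs") that endpoint exposes.
variable "storage_private_endpoints" {
  type = map(object({
    storage_account_id = string
    subresource        = string
  }))

  validation {
    # Primary storage sub-resources only; extend if _secondary variants are used.
    condition = alltrue([
      for e in values(var.storage_private_endpoints) :
      contains(["blob", "dfs", "file", "queue", "table", "web"], e.subresource)
    ])
    error_message = "Each subresource must be a storage sub-resource such as blob or dfs."
  }
}

resource "azurerm_private_endpoint" "storage" {
  for_each = var.storage_private_endpoints

  name                = "pe-${each.key}"
  location            = var.location
  resource_group_name = var.resource_group_name
  subnet_id           = var.subnet_id

  # Exactly one block per resource instance, which is what the provider allows
  private_service_connection {
    name                           = "psc-${each.key}"
    private_connection_resource_id = each.value.storage_account_id
    subresource_names              = [each.value.subresource]
    is_manual_connection           = false
  }
}
```

Because the map keys become the resource instance addresses, adding or removing one entry later creates or destroys only that endpoint and leaves the others untouched.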

