Feature "AllowPrivateEndpoints" from Provider namespace "Microsoft.Network" is Pending and should be manually registered by Azure Support team.

Rihards Nikitins 26 Reputation points
2022-11-28T12:27:44.717+00:00

Hello everyone,

I need to register Feature "AllowPrivateEndpoints" from Provider namespace "Microsoft.Network".
Have run the command Register-AzProviderFeature -FeatureName AllowPrivateEndpoints -ProviderNamespace Microsoft.Network and now its status is Pending. Have heard that the registration should be manually finished by Azure Support team. How could I contact them?

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
1,019 questions
0 comments No comments
{count} votes

Accepted answer
  1. Alistair Ross 7,466 Reputation points Microsoft Employee
    2022-11-29T22:53:30.067+00:00

    Hello @Rihards Nikitins

    Thank you for providing the bicep code and insights into what you have done so far. Looking at the code I have identified the issue on line 253:

    privateLinkServiceId: resLogAnalyticsWorkspace.id  
    

    This is part of the code for the resource type Microsoft.Network/privateEndpoint

    resource reslawPrivateEndpoint 'Microsoft.Network/privateEndpoints@2021-05-01' = {  
      name: 'law-privendpoint'  
      location: parLocation  
      properties: {  
        privateLinkServiceConnections: [  
          {  
            name: 'law-PrivateEndpoint-PrivateLinkConnection'  
            properties: {  
              privateLinkServiceId: resLogAnalyticsWorkspace.id  
              groupIds: [  
                'azuremonitor'  
              ]  
            }       
          }  
        ]  
        subnet: {  
          id: resExistingSubnetForprivateEnpoint.id  
        }  
      }  
    }  
    

    As you can see, the code is refering to the workspace resource id, which is incorrect and should be referencing the Azure Monitor Private Link Resource Id as per the documentation. A quick deployment of a private link for AMPLS (for those who have never done it before, the guide can be found here) and a review of the deployment template confirmed my suspicions that line 253 should in fact be:

    privateLinkServiceId: resAMprivateLinkScope.id  
    

    I've deployed this in my environment, and everything deploys and works as expected. Here is a copy of the updated template 265451-template.txt.

    As for the original error. I am honestly not sure why it was coming up with "Feature not registered", but as the deployment showed me in the portal the exact resource it was failing on, it was quick enough to identify the problem.

    I hope this helps provide you with the information you need. If it does, please make sure to mark the question as answered so it helps other people in future.

    Kind regards

    Alistair

    0 comments No comments

5 additional answers

Sort by: Most helpful
  1. Rihards Nikitins 26 Reputation points
    2022-11-28T18:02:58.5+00:00

    Hi Alistair. Thank you for your answer.

    The command "Register-AzProviderFeature -FeatureName AllowPrivateEndpoints -ProviderNamespace Microsoft.Network" returns result:

    "AllowPrivateEndpoints Microsoft.Network Pending"

    This is where I have stacked in.

    264860-image.png

    1 person found this answer helpful.

  2. Alistair Ross 7,466 Reputation points Microsoft Employee
    2022-11-28T12:36:53.563+00:00

    Hello @Rihards Nikitins

    Details on how to raise a support case can be found here https://learn.microsoft.com/en-us/azure/azure-portal/supportability/how-to-create-azure-support-request.

    The same link can also be found with the documentation regarding enabling Provider preview features https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/preview-features?tabs=azure-portal#register-preview-feature which may provide further information for the task you are currently performing.

    I hope this helps provide you with the information you need. If it does, please make sure to mark the question as answered so it helps other people in future.

    Kind regards

    Alistair

    0 comments No comments

  3. Rihards Nikitins 26 Reputation points
    2022-11-28T12:44:34.997+00:00

    Thank you Alistair!
    Unfortunately the needed Preview feature is not showing up in the list. Have also tried to rise the Support request without success. Any other suggestions?
    264793-image.png


  4. Rihards Nikitins 26 Reputation points
    2022-11-28T20:24:55.703+00:00

    Hi @Alistair Ross
    I am not following the documentation in this case. The reason I am trying to register this feature is the error message I got when trying to deploy Private Endpoint from Bicep template:
    "{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.","details":[{"code":"SubscriptionNotRegisteredForFeature","message":"Subscription /subscriptions/xxx-xxx-xxx-xxx/resourceGroups//providers/Microsoft.Network/subscriptions/ is not registered for feature Microsoft.Network/AllowPrivateEndpoints required to carry out the requested operation."}]}

    This is the Bicep template which deploys Azure Log Analytics with Private Endpoint, Private DNS Zones and other associated resources. I also use another Bicep templates to deploy other services with Private Endpoint (Storage Accounts, Key Vaults, etc.) and everything is OK with those templates. Only the one with Log Analytics Workspace is giving this strange error. Please see the template in the attached file. Please change the extension from .txt to .bicep to open it in the correct way. Thank you in advance.264963-law-debug.txt


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.