Azure Data Factory managed private endpoint to Azure PostgresSQL flexible server

_Esteban Bett 30

In my infra I have a Vnet with two subnets:

application-subnet
delegated-subnet

The Azure Data Factory instance is on application-subnet.

The Azure PostgreSQL flexible server is in delegated-subnet and is configured with Private Access (VNET Integration).
Pricing tier: General Purpose

Compute size: Standard_D2s_v3 (2 vCores, 8 GiB memory, 3200 max iops)

Storage: 32 GiB

In the ADF instance I am trying to create a linked service to the db using Azure managed integration runtime. In the ADF private endpoint form, I choose the subscription but the dropdown with database server name is not filled:

User's image

I tried to create it from terrafom script:

resource "azurerm_data_factory_managed_private_endpoint" "db-mpe" {
  data_factory_id    = azurerm_data_factory.adf.id  
  target_resource_id = data.azurerm_postgresql_flexible_server.postgres_db_server.id  
  subresource_name   = "postgresqlServer"
}

But then it is pending for approval and there is no section in PostgreSQL db to approve it.
What should I do?

I also tried to create a private endpoint:

resource "azurerm_private_endpoint" "db_private_endpoint" {  
  name                = "${local.instance_name}-pe"  
  resource_group_name = data.azurerm_resource_group.common_rg.name  
  location            = data.azurerm_resource_group.common_rg.location
  
  subnet_id = data.azurerm_subnet.connectivity_postgres_delegated_subnet.id
         
  private_service_connection {    
    name                           = "${local.instance_name}-sc"    
    is_manual_connection           = "false"    
    private_connection_resource_id = module.postgres.db.id    
    subresource_names              = ["postgresqlServer"]  
  }
}

Error: creating Private Endpoint (Subscription: "xxxx"

78│ Private Endpoint Name: "xxx-pe"): performing CreateOrUpdate: unexpected status 400 with error: SubscriptionNotRegisteredForFeature: Subscription /subscriptions/xxx/resourceGroups//providers/Microsoft.Network/subscriptions/ is not registered for feature Microsoft.Network/AllowPrivateEndpoints required to carry out the requested operation.

What can I do?

PRADEEPCHEEKATLA-MSFT 77,751 Reputation points Microsoft Employee

2023-09-29T09:45:57.5566667+00:00

@_Esteban Bett - Thanks for the question and using MS Q&A platform.

It seems that you are facing two different issues. Let me explain them one by one.

Regarding the first issue, it seems that the dropdown with the database server name is not being filled in the ADF private endpoint form. This could be due to a few reasons. One possible reason could be that the Azure PostgreSQL flexible server is not properly configured with Private Access (VNET Integration). Please make sure that you have properly configured the server with Private Access (VNET Integration) and that the server is in the delegated subnet. You can also try to create the private endpoint manually and see if that works.

Regarding the second issue, it seems that you are getting an error while creating the private endpoint. The error message suggests that the subscription is not registered for the feature Microsoft.Network/AllowPrivateEndpoints. This feature is required to carry out the requested operation. Please make sure that the subscription is registered for this feature. You can check this by going to the Azure portal and navigating to the subscription. Then, go to the Resource providers section and make sure that Microsoft.Network is registered. If it is not registered, you can register it by clicking on the Register button. Once the registration is complete, you should be able to create the private endpoint without any issues.

As per the repro, when I check the registeration status from Azure portal it doesn;t showup - mostly like this could be an bug.

When I checked the status using Azure Powershell, it shows the status as pending

I had even tried to register using Powershell cmdlets but I haven;t successed.

Note: I had tried to register this feature using Azure Portal, CLI and Powershell and none the method worked.

I agree that this issue looks strange and I wasn't able to reproduce this issue. If you have a support plan could you please file a support ticket for deeper investigation and do share the SR# with us? In case if you don't have a support plan please let us know here.

Looking forward for your response.
PRADEEPCHEEKATLA-MSFT 77,751 Reputation points Microsoft Employee

2023-10-04T13:21:18.2566667+00:00

@_Esteban Bett - We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet. In case if you have any resolution please do share that same with the community as it can be helpful to others. Otherwise, will respond with more details and we will try to help.
PRADEEPCHEEKATLA-MSFT 77,751 Reputation points Microsoft Employee

2023-10-10T09:29:16.0933333+00:00

@_Esteban Bett - We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet. In case if you have any resolution please do share that same with the community as it can be helpful to others. Otherwise, will respond with more details and we will try to help.
Yashvit Naik 11 Reputation points

2023-10-11T04:39:17.4366667+00:00

I'm having a similar issue. We are not able to connect to Azure Database for PostgreSQL flexible server from Azure Data Factory.

I it currently possible to set this up? I'm seeing some blogs that say it isnt possible (https://techcommunity.microsoft.com/t5/azure-database-for-postgresql/how-to-access-azure-postgresql-flex-server-from-adf-managed-vnet/ba-p/3707742)

Is there a simpler way to achieve this rather than the solution shown in the blog?
Marroquin JR, Manny 0 Reputation points

2024-03-14T15:54:03.21+00:00

Has there been any update on this? Or is the above comment by Yashvit the only way to solve this issue?