![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 64%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGC%3C/text%3E%3C/svg%3E)
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,160 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 10%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAP%3C/text%3E%3C/svg%3E)
Hello Gaurav Chawda,
Thank you for posting your query here!
Azure private endpoints allow you to securely connect to Azure resources from a virtual network, without exposing them to the public internet. You can use private endpoints to access resources in the same region or in different regions, as long as the resource provider supports cross-region access.
However, from your error message it seems you have encountered authorization failures when trying to access resources in different regions through private endpoints. There are several factors that may affect the cross-region access through private endpoints, such as:
· Not all Azure resources and providers support cross-region access through private endpoints. For example, Azure Storage accounts and Azure SQL Database servers support cross-region access, but Azure Cosmos DB accounts and Azure Key Vault vaults do not. You can check the list of supported resources and providers here: What is a private endpoint? - Azure Private Link | Microsoft Learn
If not, you may need to use a different resource type or provider, or use a different method to access the resource, such as a VPN or a service endpoint.
· Some Azure resources may require additional configuration to enable cross-region access through private endpoints. For example, Azure Storage accounts need to have the Allow cross-region replication property enabled, and Azure SQL Database servers need to have the Allow Azure services and resources to access this server property enabled.
· The private endpoint that connects to the resource in a different region needs to have the correct settings, such as the resource ID, the private DNS zone, and the private IP address. You can check the steps to create and configure a private endpoint here: https://docs.microsoft.com/en-us/azure/private-link/create-private-endpoint-portal
· The network security groups (NSGs) and firewalls that are applied to the virtual network, the subnet, or the resource may block the traffic between the private endpoint and the resource. You need to ensure that the network security rules allow the communication on the required ports and protocols. You can check the network security requirements for each resource type here: What is a private endpoint? - Azure Private Link | Microsoft Learn
You may also refer: https://learn.microsoft.com/en-us/azure/virtual-machines/disks-enable-private-links-for-import-export-portal
Do let us know if you have any further queries. I’m happy to assist you further.
Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.