Additional private endpoints to an existing private AKS cluster

Alex 395 Reputation points
2024-03-28T15:22:28.98+00:00

Hello,

I would like some help/insights on below situation.

  • I got a private AKS cluster deployed in Vnet1.
  • Now I am trying to create another private endpoint for this AKS cluster from another Vnet2.
  • I am able to successfully create one and it gets auto-approved as well, only when I choose the AKS resource from the drop-down (Connect to an Azure resource in my directory).
  • But, it doesn't get auto-approved when I create it using the resource ID/alias.

Qs:

  • Can this be done? If yes, where does this private endpoint connection request go? and how can I get it approved? If no, why?
Azure Private Link
Azure Private Link
An Azure service that provides private connectivity from a virtual network to Azure platform as a service, customer-owned, or Microsoft partner services.
522 questions
Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
2,187 questions
0 comments No comments
{count} votes

Accepted answer
  1. Deepanshukatara-6769 11,700 Reputation points
    2024-03-28T17:07:09.3266667+00:00

    Hi, Thanks to reaching to us.

    The consumers can request a connection to a private-link service by using either the resource URI or the alias. To connect by using the alias, create a private endpoint by using the manual connection approval method. To use the manual connection approval method, set the manual request parameter to True during the private-endpoint create flow.

    This manual request can be auto approved if the consumer's subscription is allow-listed on the provider side.

    To learn more go to controlling service access.

    Please check below docs for more ref

    https://learn.microsoft.com/en-us/azure/private-link/private-endpoint-overview

    https://learn.microsoft.com/en-us/cli/azure/network/private-endpoint?view=azure-cli-latest#az-network-private-endpoint-create

    Kindly accept answer if it helps, Thanks!

    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.