Hello Ceci Ivanov,
Directly to your question, Yes even after enabling a private endpoint for the Azure Translator on VNet, you would still require the service endpoint to be enabled on the same VNet. While a private endpoint brings Azure services into your VNet, a service endpoint restricts access to your PaaS resources to traffic coming from your VNet. Therefore, to enable a private endpoint, you often need to enable the service endpoint on the VNet.
My first suggestion it's to read this article on the difference between Service Endpoints vs Private Endpoints:
About Azure Translator service using private endpoints for Translator this enable access data using an IP address from the VNet address space for your Translator resource. This feature provides additional security options for your Translator subscription
References:
- https://learn.microsoft.com/en-us/azure/private-link/private-endpoint-overview
- https://learn.microsoft.com/en-us/azure/private-link/private-endpoint-dns
- https://learn.microsoft.com/en-us/azure/ai-services/translator/custom-translator/how-to/enable-vnet-service-endpoint
- https://learn.microsoft.com/en-us/azure/ai-services/cognitive-services-virtual-networks?tabs=portal#use-private-endpoints
If the information helped address your question, please Accept the answer.
Luis