ADF to Azure PostgreSQL Flex Server connection

Pradeep Vishwakarma 0 Reputation points
2024-10-23T10:19:42.7333333+00:00

How to access Azure PostgreSQL Flex Server from ADF Managed VNet using a Private End Point ?

Recently, we followed the below blog to create private link along with load balancer and ip forwarding and it's working. But it requires additional resources to be created which is just needed to routing the traffic.
https://techcommunity.microsoft.com/t5/azure-database-for-postgresql/how-to-access-azure-postgresql-flex-server-from-adf-managed-vnet/ba-p/3707742

Do we have any updates or recommentadtion on directly using the private endpoint in ADF to connect flexible postgres server ?
Fyi, we tried to manually create the PE on postgre flexible server and it seems there are not sub resource target available in to use with PE.

Any help much appreciated !

Thanks,

Pradeep

Azure Data Factory
Azure Data Factory
An Azure service for ingesting, preparing, and transforming data at scale.
10,827 questions
Azure Database for PostgreSQL
{count} votes

1 answer

Sort by: Most helpful
  1. Amira Bedhiafi 26,261 Reputation points
    2024-10-23T21:15:22.57+00:00

    To access Azure PostgreSQL Flexible Server from ADF using a managed virtual network and a Private Endpoint you need to follow these steps :

    1. Private Endpoint Creation: You can directly create a Private Endpoint in ADF that links to your Azure PostgreSQL Flexible Server. This allows secure and private traffic routing via Azure's backbone network. You don't need to expose your PostgreSQL server to the public internet. To achieve this, you should:
      • Set the network connectivity of your PostgreSQL Flexible Server to allow only private access.
      • Use the Private Endpoint within ADF by navigating to the "Managed Private Endpoints" option and creating a new one.
      • Make sure your PostgreSQL Flexible Server is deployed in a delegated subnet that is dedicated to the database server, as required for Flexible Server deployments.
    2. DNS Configuration: Ensure that DNS resolution for the Private Endpoint is handled correctly by configuring a Private DNS Zone that is linked to the virtual network where your Private Endpoint resides. This ensures that traffic to the Flexible Server routes correctly via the private IP.
    3. Approval of Private Endpoint: After creating the Private Endpoint, it must be approved in the Azure Portal for the PostgreSQL server before it can start receiving traffic from ADF.
    4. Network Security Considerations: When using Private Endpoints, you can apply Network Security Groups (NSGs) and User Defined Routes (UDRs) to further secure and control traffic at the network layer.

    Links to help you :

    https://techcommunity.microsoft.com/t5/azure-database-for-postgresql/how-to-access-azure-postgresql-flex-server-from-adf-managed-vnet/ba-p/3707742

    https://learn.microsoft.com/en-us/azure/data-factory/managed-private-endpoints

    https://techcommunity.microsoft.com/t5/azure-database-for-postgresql/introducing-private-link-based-networking-with-azure-database/ba-p/3941534

    https://techcommunity.microsoft.com/t5/azure-database-for-postgresql/private-networking-patterns-in-azure-database-for-postgres/ba-p/3768598


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.