How to associate resources to NSP(Network Security Perimeter) from the cross resource groups

Question

How to associate resources to NSP(Network Security Perimeter) from the cross resource groups

Ravinder Reddy 40

When we create the NSP in one resource group and trying to associate the resources from other resource group it's getting an issue. issue is getting for resources is storage accounts, SQL DB servers and Cosmos DB.

Silvia Wibowo 6,046 Reputation points Microsoft Employee Volunteer Moderator

2025-03-17T00:55:34.9366667+00:00
Hi @Ravinder Reddy , could you clarify:

What error message you got when you try to associate resources from other resource groups?

Are they within the same subscription?

Do those resources have service endpoint configured?
Ravinder Reddy 40 Reputation points

2025-03-17T17:17:02.5966667+00:00
Hi @Silvia Wibowo , Thanks for the response

It's saying enable manage Identity for the resource which we are trying to associate with NSP from other resource group.

Yes, they are in the same subscription.

I'm not sure about endpoint configuration, but all resources are enabled public access.
Silvia Wibowo 6,046 Reputation points Microsoft Employee Volunteer Moderator

2025-03-17T19:31:40.0133333+00:00

Hi @Ravinder Reddy , have you tried enabling managed identity for the resource(s)?
G Sree Vidya 2,525 Reputation points Microsoft External Staff Moderator

2025-03-19T05:43:03.93+00:00

Hi Ravinder Reddy

Following up to see if the above information was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

1 answer

Your answer

Silvia Wibowo 6,046 Reputation points Microsoft Employee Volunteer Moderator

2025-03-17T00:55:34.9366667+00:00

Hi @Ravinder Reddy , could you clarify:

What error message you got when you try to associate resources from other resource groups?

Are they within the same subscription?

Do those resources have service endpoint configured?
Ravinder Reddy 40 Reputation points

2025-03-17T17:17:02.5966667+00:00

Hi @Silvia Wibowo , Thanks for the response

It's saying enable manage Identity for the resource which we are trying to associate with NSP from other resource group.

Yes, they are in the same subscription.

I'm not sure about endpoint configuration, but all resources are enabled public access.
Silvia Wibowo 6,046 Reputation points Microsoft Employee Volunteer Moderator

2025-03-17T19:31:40.0133333+00:00

Hi @Ravinder Reddy , have you tried enabling managed identity for the resource(s)?
G Sree Vidya 2,525 Reputation points Microsoft External Staff Moderator

2025-03-19T05:43:03.93+00:00

Hi Ravinder Reddy

Following up to see if the above information was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

Answer 1

Hello @ravinder reddy

We kindly request that you associate the service with a Network Security Perimeter. This will implicitly allow inbound and outbound access to any other service that is associated with the same Network Security Perimeter.

When access is authenticated using managed identities and role assignments, access rules are not required. However, access rules need to be created when allowing access outside of the Network Security Perimeter, or for access that is authenticated using API keys.

User's image

Please refer below document for more information.

Refer: https://learn.microsoft.com/en-us/azure/private-link/create-network-security-perimeter-portal

https://learn.microsoft.com/en-us/azure/private-link/network-security-perimeter-concepts#components-of-a-network-security-perimeter

I hope this information helps to you and let me know if you have any further questions, we will be happy to help you.

Share via

How to associate resources to NSP(Network Security Perimeter) from the cross resource groups

1 answer

Your answer