This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 63%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZ%3C/text%3E%3C/svg%3E)
Is there any use in creating a private endpoint for an Application Gateway? An application gateway is ypically configured with a private frontend IP, so what would a private endpoint give in addition?
The documentation says that Microsoft.Network/applicationgateways is supported for private endpoints, but it does not seems to work. When we try to use the private endpoint wizard to create a private endpoint for an application gateway, we are given the error "no supported sub-resources", when we have chosen the application gateway.
@Ziggy99 , Looks like APPGW resource type is still under preview. I did try with resource ID providing listener as a target sub-resource but failed to deploy. We are investigating actively with respective product team to get more clarity on this issue. We'll be right back.
Any news on this? We are still struggling...
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 28.000000000000004%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPA%3C/text%3E%3C/svg%3E)
An update on this would be appreciated. We have various use cases where exporting a layer 7 load balancer as a private link connection is needed, but there doesn't seem to be much information on when or whether this will start working.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 99%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJD%3C/text%3E%3C/svg%3E)
@suvasara-MSFT any update?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 4%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVA%3C/text%3E%3C/svg%3E)
Hi, I too have the same scenario and get the same error. Unable to proceed. Thanks !
I gave it another try today, using the resource ID option (second radio button).
if I run this on a WAF_V1 app gateway, it tells me it's not supported (to be expected): Error message: Operation GetApplicationGatewayPrivateLinkServiceResolutionInfoOperation is not supported on V1 SKU of Application Gateway. Please migrate to V2 SKU to leverage this capability.
When I run it on a WAF_V2 app gateway, the error is Please make sure application gateway has private link configuration.. So it is supported, but missing some configuration. I can't find any such configuration on the app gateway itself in the portal. If I want to provision a private link service, it only accepts load balancers, and it does not see the app gateway as one.
Anyone from @Microsoft listening?
I opened a support case with Microsoft and they were able to give me a hint. The missing ingredient is a private link service that is not available in Portal and is still in preview. I was able to create it with this AZ command: https://learn.microsoft.com/en-us/cli/azure/network/application-gateway/private-link?msclkid=637fda6fd07f11ec9e4bab7b4233a652&view=azure-cli-latest#az-network-application-gateway-private-link-add
After that, I was able to create the private endpoint from the portal.
This still leaves a lot of open questions for me regarding the proper setup and consumption of this gateway, hoping to get some kind of documentation or end-to-end example from Microsoft.
Also got this link that clarifies the setup: https://learn.microsoft.com/en-us/azure/application-gateway/private-link-configure?tabs=cli
Some additional info about usage and limitations https://learn.microsoft.com/en-us/azure/application-gateway/private-link
Apparently this is pretty new so there are no good end-to-end examples documented yet.