Private endpoint for Application Gateway

Ziggy99 21 Reputation points
2021-09-29T07:41:13.097+00:00

Is there any use in creating a private endpoint for an Application Gateway? An application gateway is ypically configured with a private frontend IP, so what would a private endpoint give in addition?

The documentation says that Microsoft.Network/applicationgateways is supported for private endpoints, but it does not seems to work. When we try to use the private endpoint wizard to create a private endpoint for an application gateway, we are given the error "no supported sub-resources", when we have chosen the application gateway.

Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,089 questions
Azure Private Link
Azure Private Link
An Azure service that provides private connectivity from a virtual network to Azure platform as a service, customer-owned, or Microsoft partner services.
520 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. suvasara-MSFT 10,051 Reputation points
    2021-09-29T17:00:12.79+00:00

    @Ziggy99 , Looks like APPGW resource type is still under preview. I did try with resource ID providing listener as a target sub-resource but failed to deploy. We are investigating actively with respective product team to get more clarity on this issue. We'll be right back.

    136359-image.png


  2. Vijayan Anoop 1 Reputation point
    2021-10-11T16:32:10.357+00:00

    Hi, I too have the same scenario and get the same error. Unable to proceed. Thanks !


  3. Jerghiuta, Dan 31 Reputation points
    2022-05-10T19:26:17.937+00:00

    I opened a support case with Microsoft and they were able to give me a hint. The missing ingredient is a private link service that is not available in Portal and is still in preview. I was able to create it with this AZ command: https://learn.microsoft.com/en-us/cli/azure/network/application-gateway/private-link?msclkid=637fda6fd07f11ec9e4bab7b4233a652&view=azure-cli-latest#az-network-application-gateway-private-link-add
    After that, I was able to create the private endpoint from the portal.

    This still leaves a lot of open questions for me regarding the proper setup and consumption of this gateway, hoping to get some kind of documentation or end-to-end example from Microsoft.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.