Share via

Steps to Connect Container App to Azure Table Storage via Existing Private Endpoint

Sharma, Ritika 345 Reputation points
2026-02-25T09:47:49.8733333+00:00

I already have the following resources set up:

  1. Private Endpoint for my Azure Table Storage with connection status Approved.
  2. Private DNS Zone associated with the Private Endpoint.
  3. Container App and its Container App Environment created.

I want to connect my Container App to the Table Storage using the private endpoint (no public access). I want my Container App to communicate securely with the Table Storage via the private endpoint. Please give Steps.

Azure Container Apps
Azure Container Apps

An Azure service that provides a general-purpose, serverless container platform.

0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Praveen Kumar Gudipudi 1,880 Reputation points Microsoft External Staff Moderator
    2026-02-25T10:37:57.8766667+00:00

    Hello Ritika ,

    Azure Container App to Azure Table Storage via an existing private endpoint:

    Here’s a step-by-step guide to make that work while ensuring secure communication without public access:

    Steps to Connect Container App to Azure Table Storage Using Private Endpoint

    Verify Private Endpoint and DNS Configuration:

    • Ensure that your private endpoint for Azure Table Storage is in an Approved state.
      • Make sure you have a Private DNS Zone linked properly. If not, adjust the DNS settings to ensure the storage account resolves correctly to the private endpoint (e.g., myaccount.privatelink.table.core.windows.net).
      Enable Private Networking in Container App Environment: 
      - Navigate to your **Container App Environment** settings in the Azure portal.

   - Ensure that **Public Network Access** is set to **Disabled**. This will restrict access to your Container App only via the private endpoint.

   **Configure the Container App to Use the Private Endpoint**:

      - When you create or update your container app, ensure you select the option to integrate with the private endpoint. This setting should be part of the options available in the Container App configuration page.

         - If needed, go to the **Networking** section of the settings and confirm that **Private Endpoint** is enabled.

         **Testing the Connection**:

            - To verify that your Container App can connect to the Table Storage, you might want to deploy a small application that reads/writes data to the storage and observe the behavior or logs.

               - You can also create a virtual machine (VM) in the same VNET to troubleshoot connectivity issues. Use the VM to perform tests like **nslookup** on your storage account link.

               **Troubleshoot Issues**:

                  - If you encounter issues, check the logs in Azure Monitor to identify potential connectivity issues.

                     - Refer to [Troubleshoot Private Endpoint Connection Issues](https://learn.microsoft.com/azure/private-link/troubleshoot-private-endpoint-connectivity) if you run into any specific errors.

    References

    I hope this helps you set up the connection smoothly! If you run into any specific issues while following these steps, feel free to ask for further assistance. Good luck!

    Please accept as answer and do a Thumbs-up to upvote this response if you are satisfied with the community help. Your upvote will be beneficial for the community users facing similar issues.

  2. Q&A Assist
    2026-02-25T09:47:59.52+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    To connect your Azure Container App to Azure Table Storage using an existing private endpoint, follow these steps:

    1. Ensure Private Endpoint Configuration: Confirm that your private endpoint for Azure Table Storage is properly configured and has an approved connection status. This allows your Container App to access the Table Storage securely.
    2. Configure Private DNS Zone: Make sure that your private DNS zone is correctly set up and linked to your virtual network. This ensures that your Container App can resolve the private endpoint's DNS name.
    3. Deploy the Container App: When deploying your Container App, ensure that it is configured to use the private endpoint. You can do this by specifying the environment where the private endpoint is associated. Use the Azure CLI command to deploy your container app: 
         az containerapp up \
       --name $CONTAINERAPP_NAME \
       --resource-group $RESOURCE_GROUP \
       --location $LOCATION \
       --environment $ENVIRONMENT_NAME \
       --image <your-image> \
       --target-port 80 \
       --ingress external \
       --query properties.configuration.ingress.fqdn
      Replace <your-image> with the appropriate image for your application.
    4. Access Table Storage: In your application code, use the connection string for Azure Table Storage that points to the private endpoint. Ensure that your application is set to use the private DNS name associated with the private endpoint to access the storage without going through public access.
    5. Testing: After deployment, test the connection from your Container App to the Azure Table Storage to ensure that it is working as expected without any public access.

    By following these steps, your Container App should be able to communicate securely with Azure Table Storage via the private endpoint.

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.