Short Answer: Its one way connection. From the VNET to the PaaS or PLS.
Private Link is introduced to solve the problem of VNET resource connecting to the 1st party(Azure Services) or 3rd party resources using public IP. With Private Endpoints, you can connect to the Private IP of the Private endpoint which in turn connect to the Azure service. The other way communication is not possible, in the sense Azure service cannot initiate traffic to the Private endpoints.
Regards,
Karthik Srinivas