Edit

Private Endpoints

  • Article

Azure Private Endpoint is a network interface that connects you privately and securely to a service powered by Azure Private Link. Now, Custom question answering provides you support to create private endpoints to the Azure Search Service.

Private endpoints are provided by Azure Private Link, as a separate service. For more information about costs, see the pricing page.

Prerequisites

  • If you don't have an Azure subscription, create a free account before you begin.
  • A Text Analytics resource (with Custom question answering feature) created in the Azure portal. Remember your Microsoft Entra ID, Subscription, Text Analytics resource name you selected when you created the resource.

Steps to enable private endpoint

  1. Assign Contributer role to Text Analytics service in the Azure Search Service instance. This operation requires Owner access to the subscription. Go to Identity tab in the service resource to get the identity.

Text Analytics Identity

  1. Add the above identity as Contributer by going to Azure Search Service IAM tab.

Managed service IAM

  1. Select Add role assignments, add the identity and then select Save.

Managed role assignment

  1. Now, go to the Networking tab in the Azure Search Service instance and switch Endpoint connectivity data from Public to Private. This operation is a long running process and can take up to 30 mins to complete.

Managed Azure search networking

  1. Go to the Networking tab of Text Analytics service and under Allow access from, select the Selected Networks and private endpoints option.
  2. Select Save

Text Analytics newtorking

This will establish a private endpoint connection between Text Analytics service and Azure AI Search service instance. You can verify the Private endpoint connection on the Networking tab of the Azure AI Search service instance. Once the whole operation is completed, you are good to use your Text Analytics service.

Managed Networking Service

Support details

  • We don't support changes to Azure AI Search service once you enable private access to your Text Analytics service. If you change the Azure AI Search service via 'Features' tab after you have enabled private access, the Text Analytics service will become unusable.
  • After establishing Private Endpoint Connection, if you switch Azure AI Search Service Networking to 'Public', you won't be able to use the Text Analytics service. Azure Search Service Networking needs to be 'Private' for the Private Endpoint Connection to work