This page documents the language specification for the azure package. If you're looking for help working with the inputs, outputs, or functions of azure resources in a Pulumi program, please see the resource documentation for examples and API reference.

privatelink¶

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-azure repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-azurerm repo.

class pulumi_azure.privatelink.AwaitableGetEndpointConnectionResult(id=None, location=None, name=None, private_service_connections=None, resource_group_name=None)¶

class pulumi_azure.privatelink.AwaitableGetServiceEndpointConnectionsResult(id=None, location=None, private_endpoint_connections=None, resource_group_name=None, service_id=None, service_name=None)¶

class pulumi_azure.privatelink.AwaitableGetServiceResult(alias=None, auto_approval_subscription_ids=None, enable_proxy_protocol=None, id=None, load_balancer_frontend_ip_configuration_ids=None, location=None, name=None, nat_ip_configurations=None, resource_group_name=None, tags=None, visibility_subscription_ids=None)¶

class pulumi_azure.privatelink.Endpoint(resource_name, opts=None, location=None, name=None, private_dns_zone_group=None, private_service_connection=None, resource_group_name=None, subnet_id=None, tags=None, __props__=None, __name__=None, __opts__=None)¶

Manages a Private Endpoint.

NOTE Private Endpoint is currently in Public Preview.

Azure Private Endpoint is a network interface that connects you privately and securely to a service powered by Azure Private Link. Private Endpoint uses a private IP address from your VNet, effectively bringing the service into your VNet. The service could be an Azure service such as Azure Storage, SQL, etc. or your own Private Link Service.

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork",
    address_spaces=["10.0.0.0/16"],
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
service = azure.network.Subnet("service",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.1.0/24",
    enforce_private_link_service_network_policies=True)
endpoint = azure.network.Subnet("endpoint",
    resource_group_name=example_resource_group.name,
    virtual_network_name=example_virtual_network.name,
    address_prefix="10.0.2.0/24",
    enforce_private_link_endpoint_network_policies=True)
example_public_ip = azure.network.PublicIp("examplePublicIp",
    sku="Standard",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    allocation_method="Static")
example_load_balancer = azure.lb.LoadBalancer("exampleLoadBalancer",
    sku="Standard",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    frontend_ip_configuration=[{
        "name": example_public_ip.name,
        "public_ip_address_id": example_public_ip.id,
    }])
example_link_service = azure.privatedns.LinkService("exampleLinkService",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    nat_ip_configuration=[{
        "name": example_public_ip.name,
        "primary": True,
        "subnet_id": service.id,
    }],
    load_balancer_frontend_ip_configuration_ids=[example_load_balancer.frontend_ip_configurations[0]["id"]])
example_endpoint = azure.privatelink.Endpoint("exampleEndpoint",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    subnet_id=endpoint.id,
    private_service_connection={
        "name": "example-privateserviceconnection",
        "privateConnectionResourceId": example_link_service.id,
        "isManualConnection": False,
    })

Parameters

resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
location (pulumi.Input[str]) – The supported Azure location where the resource exists. Changing this forces a new resource to be created.
name (pulumi.Input[str]) – Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
private_dns_zone_group (pulumi.Input[dict]) – A private_dns_zone_group block as defined below.
private_service_connection (pulumi.Input[dict]) – A private_service_connection block as defined below.
resource_group_name (pulumi.Input[str]) – Specifies the Name of the Resource Group within which the Private Endpoint should exist. Changing this forces a new resource to be created.
subnet_id (pulumi.Input[str]) – The ID of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.
tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The private_dns_zone_group object supports the following:

id (pulumi.Input[str]) - The ID of the Private DNS Zone Config.
name (pulumi.Input[str]) - Specifies the Name of the Private Service Connection. Changing this forces the a new private_dns_zone_group to be created.
privateDnsZoneIds (pulumi.Input[list]) - Specifies the list of Private DNS Zones to include within the private_dns_zone_group.

The private_service_connection object supports the following:

isManualConnection (pulumi.Input[bool]) - Does the Private Endpoint require Manual Approval from the remote resource owner? Changing this forces a new resource to be created.
name (pulumi.Input[str]) - Specifies the Name of the Private Service Connection. Changing this forces a new resource to be created.
privateConnectionResourceId (pulumi.Input[str]) - The ID of the Private Link Enabled Remote Resource which this Private Endpoint should be connected to. Changing this forces a new resource to be created.
private_ip_address (pulumi.Input[str]) - The private IP address associated with the private endpoint, note that you will have a private IP address assigned to the private endpoint even if the connection request was Rejected.
requestMessage (pulumi.Input[str]) - A message passed to the owner of the remote resource when the private endpoint attempts to establish the connection to the remote resource. The request message can be a maximum of 140 characters in length. Only valid if is_manual_connection is set to true.
subresourceNames (pulumi.Input[list]) - A list of subresource names which the Private Endpoint is able to connect to. subresource_names corresponds to group_id. Changing this forces a new resource to be created.

location: pulumi.Output[str] = None¶: The supported Azure location where the resource exists. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None¶: Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.

private_dns_zone_group: pulumi.Output[dict] = None¶

A private_dns_zone_group block as defined below.

id (str) - The ID of the Private DNS Zone Config.
name (str) - Specifies the Name of the Private Service Connection. Changing this forces the a new private_dns_zone_group to be created.
privateDnsZoneIds (list) - Specifies the list of Private DNS Zones to include within the private_dns_zone_group.

private_service_connection: pulumi.Output[dict] = None¶

A private_service_connection block as defined below.

isManualConnection (bool) - Does the Private Endpoint require Manual Approval from the remote resource owner? Changing this forces a new resource to be created.
name (str) - Specifies the Name of the Private Service Connection. Changing this forces a new resource to be created.
privateConnectionResourceId (str) - The ID of the Private Link Enabled Remote Resource which this Private Endpoint should be connected to. Changing this forces a new resource to be created.
private_ip_address (str) - The private IP address associated with the private endpoint, note that you will have a private IP address assigned to the private endpoint even if the connection request was Rejected.
requestMessage (str) - A message passed to the owner of the remote resource when the private endpoint attempts to establish the connection to the remote resource. The request message can be a maximum of 140 characters in length. Only valid if is_manual_connection is set to true.
subresourceNames (list) - A list of subresource names which the Private Endpoint is able to connect to. subresource_names corresponds to group_id. Changing this forces a new resource to be created.

resource_group_name: pulumi.Output[str] = None¶: Specifies the Name of the Resource Group within which the Private Endpoint should exist. Changing this forces a new resource to be created.

subnet_id: pulumi.Output[str] = None¶: The ID of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.

tags: pulumi.Output[dict] = None¶: A mapping of tags to assign to the resource.

static get(resource_name, id, opts=None, custom_dns_configs=None, location=None, name=None, private_dns_zone_configs=None, private_dns_zone_group=None, private_service_connection=None, resource_group_name=None, subnet_id=None, tags=None)¶

Get an existing Endpoint resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
location (pulumi.Input[str]) – The supported Azure location where the resource exists. Changing this forces a new resource to be created.
name (pulumi.Input[str]) – Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
private_dns_zone_group (pulumi.Input[dict]) – A private_dns_zone_group block as defined below.
private_service_connection (pulumi.Input[dict]) – A private_service_connection block as defined below.
resource_group_name (pulumi.Input[str]) – Specifies the Name of the Resource Group within which the Private Endpoint should exist. Changing this forces a new resource to be created.
subnet_id (pulumi.Input[str]) – The ID of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.
tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.

The custom_dns_configs object supports the following:

fqdn (pulumi.Input[str]) - The fully qualified domain name to the private_dns_zone.
ipAddresses (pulumi.Input[list]) - A list of all IP Addresses that map to the private_dns_zone fqdn.

The private_dns_zone_configs object supports the following:

id (pulumi.Input[str]) - The ID of the Private DNS Zone Config.
name (pulumi.Input[str]) - Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
privateDnsZoneId (pulumi.Input[str]) - A list of IP Addresses
recordSets (pulumi.Input[list]) - A record_sets block as defined below.
- fqdn (pulumi.Input[str]) - The fully qualified domain name to the private_dns_zone.
- ipAddresses (pulumi.Input[list]) - A list of all IP Addresses that map to the private_dns_zone fqdn.
- name (pulumi.Input[str]) - Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.
- ttl (pulumi.Input[float]) - The time to live for each connection to the private_dns_zone.
- type (pulumi.Input[str]) - The type of DNS record.

The private_dns_zone_group object supports the following:

id (pulumi.Input[str]) - The ID of the Private DNS Zone Config.
name (pulumi.Input[str]) - Specifies the Name of the Private Service Connection. Changing this forces the a new private_dns_zone_group to be created.
privateDnsZoneIds (pulumi.Input[list]) - Specifies the list of Private DNS Zones to include within the private_dns_zone_group.

The private_service_connection object supports the following:

isManualConnection (pulumi.Input[bool]) - Does the Private Endpoint require Manual Approval from the remote resource owner? Changing this forces a new resource to be created.
name (pulumi.Input[str]) - Specifies the Name of the Private Service Connection. Changing this forces a new resource to be created.
privateConnectionResourceId (pulumi.Input[str]) - The ID of the Private Link Enabled Remote Resource which this Private Endpoint should be connected to. Changing this forces a new resource to be created.
private_ip_address (pulumi.Input[str]) - The private IP address associated with the private endpoint, note that you will have a private IP address assigned to the private endpoint even if the connection request was Rejected.
requestMessage (pulumi.Input[str]) - A message passed to the owner of the remote resource when the private endpoint attempts to establish the connection to the remote resource. The request message can be a maximum of 140 characters in length. Only valid if is_manual_connection is set to true.
subresourceNames (pulumi.Input[list]) - A list of subresource names which the Private Endpoint is able to connect to. subresource_names corresponds to group_id. Changing this forces a new resource to be created.

translate_output_property(prop)¶

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters: prop (str) – A property name.
Returns: A potentially transformed property name.
Return type: str

translate_input_property(prop)¶

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters: prop (str) – A property name.
Returns: A potentially transformed property name.
Return type: str

class pulumi_azure.privatelink.GetEndpointConnectionResult(id=None, location=None, name=None, private_service_connections=None, resource_group_name=None)¶

A collection of values returned by getEndpointConnection.

id = None¶: The provider-assigned unique ID for this managed resource.

location = None¶: The supported Azure location where the resource exists.

name = None¶: The name of the private endpoint.

class pulumi_azure.privatelink.GetServiceEndpointConnectionsResult(id=None, location=None, private_endpoint_connections=None, resource_group_name=None, service_id=None, service_name=None)¶

A collection of values returned by getServiceEndpointConnections.

id = None¶: The provider-assigned unique ID for this managed resource.

service_name = None¶: The name of the private link service.

class pulumi_azure.privatelink.GetServiceResult(alias=None, auto_approval_subscription_ids=None, enable_proxy_protocol=None, id=None, load_balancer_frontend_ip_configuration_ids=None, location=None, name=None, nat_ip_configurations=None, resource_group_name=None, tags=None, visibility_subscription_ids=None)¶

A collection of values returned by getService.

alias = None¶: The alias is a globally unique name for your private link service which Azure generates for you. Your can use this alias to request a connection to your private link service.

auto_approval_subscription_ids = None¶: The list of subscription(s) globally unique identifiers that will be auto approved to use the private link service.

enable_proxy_protocol = None¶: Does the Private Link Service support the Proxy Protocol?

id = None¶: The provider-assigned unique ID for this managed resource.

load_balancer_frontend_ip_configuration_ids = None¶: The list of Standard Load Balancer(SLB) resource IDs. The Private Link service is tied to the frontend IP address of a SLB. All traffic destined for the private link service will reach the frontend of the SLB. You can configure SLB rules to direct this traffic to appropriate backend pools where your applications are running.

location = None¶: The supported Azure location where the resource exists.

name = None¶: The name of private link service NAT IP configuration.

nat_ip_configurations = None¶: The nat_ip_configuration block as defined below.

tags = None¶: A mapping of tags to assign to the resource.

visibility_subscription_ids = None¶: The list of subscription(s) globally unique identifiers(GUID) that will be able to see the private link service.

pulumi_azure.privatelink.get_endpoint_connection(name=None, resource_group_name=None, opts=None)¶

Use this data source to access the connection status information about an existing Private Endpoint Connection.

NOTE Private Endpoint is currently in Public Preview.

import pulumi
import pulumi_azure as azure

example = azure.privatelink.get_endpoint_connection(name="example-private-endpoint",
    resource_group_name="example-rg")
pulumi.export("privateEndpointStatus", example.private_service_connections[0]["status"])

Parameters

name (str) – Specifies the Name of the private endpoint.
resource_group_name (str) – Specifies the Name of the Resource Group within which the private endpoint exists.

pulumi_azure.privatelink.get_service(name=None, resource_group_name=None, opts=None)¶

Use this data source to access information about an existing Private Link Service.

NOTE Private Link is currently in Public Preview.

import pulumi
import pulumi_azure as azure

example = azure.privatelink.get_service(name="myPrivateLinkService",
    resource_group_name="PrivateLinkServiceRG")
pulumi.export("privateLinkServiceId", example.id)

Parameters

name (str) – The name of the private link service.
resource_group_name (str) – The name of the resource group in which the private link service resides.

pulumi_azure.privatelink.get_service_endpoint_connections(resource_group_name=None, service_id=None, opts=None)¶

Use this data source to access endpoint connection information about an existing Private Link Service.

NOTE Private Link is currently in Public Preview.

import pulumi
import pulumi_azure as azure

example = azure.privatelink.get_service_endpoint_connections(service_id=azurerm_private_link_service["example"]["id"],
    resource_group_name=azurerm_resource_group["example"]["name"])
pulumi.export("privateEndpointStatus", example.private_endpoint_connections[0]["status"])

Parameters

resource_group_name (str) – The name of the resource group in which the private link service resides.
service_id (str) – The resource ID of the private link service.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud

privatelink¶

On This Page