Creating a Data Source Private Endpoint
Follow these steps to create an Azure private endpoint in the Azure portal when you are connecting to data sources. This can be a data source connection from executors for all supported data sources in Azure.
Private endpoints are only supported when the data source is within Azure or mapped to your Azure account. Data sources hosted in AWS are not supported.
Azure Storage accounts require private endpoints on both the DFS and Blob endpoints. See Creating a private endpoint for more details.
- Log in to the Azure portal.
- Search for "Private endpoints" and select the Private endpoints service in the search results.
- Click Create in the top left.
- On the Basics tab, complete the following:
a. For Subscription, select the appropriate subscription from the dropdown.
b. For Resource group, select the resource group from the dropdown.
c. For Name, enter a name for the private endpoint.
d. (Optional) For Network Interface Name, the name should have been created automatically, but you can make edits if needed.
e. For Region, select the appropriate region from the dropdown.
f. Click Next : Resource.
- On the Resource tab, complete the following:
a. For Connection method, select Connect to an Azure resource in my directory.
b. For Subscription, select the appropriate subscription from the dropdown.
c. For Resource type, select the type from the dropdown.
d. For Resource, select the appropriate resource.
e. For Target sub-resource, select the target sub-resource for the given source.
f. Click Next : Virtual Network.
- On the Virtual Network tab, complete the following:
a. For Virtual network, select the Dremio virtual network from the dropdown.
b. For Subnet, select the compatible subnet for the virtual network.
c. For Private IP configuration, select Dynamically allocate IP address.
d. Click Next : DNS.
-
On the DNS tab, click Next : Tags.
-
On the Tags tab, complete the following:
a. (Optional) For Name, enter a tag name for your resource group.
b. (Optional) For Value, enter a value to help search and filter your resources or track your Azure costs.
c. Click the Next : Review + create.
-
On the Review + create tab, click Create.
Azure CLI
A private endpoint can also be created through the Azure CLI. See the following instructions:
#example subscription, resource group, vnet, subnet, storage account and endpoint names names given
az network private-endpoint create --name storage_private_endpoint_blob --resource-group dremiocloudresourcegroup --subnet dremio-cloud-sn --private-connection-resource-id /subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/dremiocloudresourcegroup/providers/Microsoft.Storage/storageAccounts/dremiocloudstorageaccount --group-id blob --location eastus --connection-name storage_private_endpoint_svc_con_blob --vnet-name dremio-cloud-vnet
az network private-endpoint create --name storage_private_endpoint_dfs --resource-group dremiocloudresourcegroup --subnet dremio-cloud-sn --private-connection-resource-id /subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/dremiocloudresourcegroup/providers/Microsoft.Storage/storageAccounts/dremiocloudstorageaccount --group-id dfs --location eastus --connection-name storage_private_endpoint_svc_con_dfs --vnet-name dremio-cloud-vnet