Creating an Outbound Private Endpoint
Private endpoint names must be unique.
Follow these steps to create an private endpoint in the Azure portal when you are connecting your Azure account to Dremio Cloud or adding a project to an organization. The outbound private endpoints are used to connect Dremio executors back to the Dremio Cloud control plane over the Azure network.
Log in to the Azure portal.
Search for "Private endpoints" and select the Private endpoints service in the search results.
Click Create in the top left.
On the Basics tab, complete the following:
a. For Subscription, select the appropriate subscription from the dropdown.
b. For Resource group, select the appropriate resource group from the dropdown.
c. For Name, enter a name for the private endpoint.
d. (Optional) For Network Interface Name, the name should have been created automatically, but you can make edits if needed.
e. For Region, select the appropriate region from the dropdown.
f. Click Next : Resource.
On the Resource tab, complete the following:
a. For Connection method, select Connect to an Azure resource by resource ID or alias.
b. For Resource ID or alias, enter the Dremio resource ID for the given region.
c. Click Next : Virtual Network.
On the Virtual Network tab, complete the following:
a. For Virtual network, select the Dremio virtual network from the dropdown.
b. For Subnet, select a subnet in the virtual network from the dropdown.
c. For Private IP configuration, select Dynamically allocate IP address.
d. Click Next : DNS.
On the DNS tab, click Next : Tags.
On the Tags tab, complete the following:
a. (Optional) For Name, enter a tag name for your resource group.
b. (Optional) For Value, enter a value to help search and filter your resources or track your Azure costs.
c. Click the Review + create.
On the Review + create tab, click Create.
Save the private endpoint name in a location where you can retrieve it after your private endpoint is set up.
Regional Private Link Services
Refer to the below chart for the service name that matches the Azure region where you are deploying Dremio Cloud.
| Azure Region | Resource ID | Resource Alias |
|---|---|---|
| Central US | /subscriptions/eb51f36f-9a2b-4347-812d-f4ed118270d8/resourceGroups/rg-dcpls-prod-centralus/providers/Microsoft.Network/privateLinkServices/pls-dcpls-prod-centralus | pls-dcpls-prod-centralus.bbd6a2b7-36f4-46f5-ba2f-cdd57566cf3d.centralus.azure.privatelinkservice |
| East US | /subscriptions/eb51f36f-9a2b-4347-812d-f4ed118270d8/resourceGroups/rg-dcpls-prod-eastus/providers/Microsoft.Network/privateLinkServices/pls-dcpls-prod-eastus | pls-dcpls-prod-eastus.6bfa2f14-f1fe-4615-9d1d-d115de446c36.eastus.azure.privatelinkservice |
| West Europe | /subscriptions/eb51f36f-9a2b-4347-812d-f4ed118270d8/resourceGroups/rg-dcpls-prodemea-westeurope/providers/Microsoft.Network/privateLinkServices/pls-dcpls-prodemea-westeurope | pls-dcpls-prodemea-westeurope.de969752-11ce-40fc-a30c-0dd3f6fe3da0.westeurope.azure.privatelinkservice |
Azure CLI
An outbound private endpoint can also be created through the Azure CLI. See the following instructions:
#example resource group, VNet and subnet names given
az network private-endpoint create --connection-name connection-1 --name private-endpoint --private-connection-resource-id /subscriptions/eb51f36f-9a2b-4347-812d-f4ed118270d8/resourceGroups/rg-dcpls-prod-eastus/providers/Microsoft.Network/privateLinkServices/pls-dcpls-prod-eastus --resource-group dremiocloudresourcegroup --subnet dremio-cloud-sn --vnet-name dremio-cloud-vnet --manual-request true