How to have Azure Monitor alert trigger an Azure Automation runbook whose public access is disabled

Question

I'm following https://learn.microsoft.com/en-us/azure/automation/automation-create-alert-triggered-runbook to set up an alert to trigger an Azure Automation runbook.

Triggering of the runbook of course works if my Automation Account's Public network access is enabled like so:

But it stops working (webhook is returning HTTP 401) if I disable Public network access. I've of course tried creating a private endpoint connection for the Automation account but it did not help because it looks like Azure Monitor by default uses the public connection and there is no way to "put" it into a private subnet like you would do with a VM.

Is there any way to have an Automation Account with disabled public network access where I can trigger runbooks from Azure Monitor alerts?

Answer 1

According to Microsoft Azure support, Azure Monitor cannot trigger runbooks in an Automation Account with disabled public network access.