Can some resource in one subnet access azure blob storage using a private endpoint created in another subnet
I have created a private endpoint between a subnet and azure blob storage.
I can access the azure blob storage using resources from within this subnet.
Can this private endpoint be accessed from another subnet resource.
Also will it be a good practice to create seperate subnet for all azure endpoints.
Can some resource in one subnet access azure blob storage using a private endpoint created in another subnet
If you have a storage account with a private endpoint in one subnet (Subnet 1) and you are trying to access it from another subnet (Subnet 2) in the same Virtual Network. the traffic between the two subnets will be allowed unless you create any NSG rules that restrict it.
If you have multiple private endpoints, you can create an additional subnet and use it for all the endpoints, but it is not necessary to use the same subnet for all private endpoints.
Reference: Stack link by Ansuman Bal
- Azure N-Tier application architecture not working with App Service Container deployment
- Azure APIM - VNET injection vs inbound private endpoint, what is a difference?
- Can some resource in one subnet access azure blob storage using a private endpoint created in another subnet
- Azure Container Registry not accessible via private endpoint [403 Forbidden]
- How to calculate correctly the number of IPs needed when there are multiple workers?
- App Service to Storage Account Connection in Azure Virtual Network
- How to Restrict On-Premises Access to Specific Endpoints in a Hub-and-Spoke VNet Architecture with Site-to-Site VPN?
- Azure Function Running in VNet Unable to Connect to Whitelisted Azure Redis Cache
- How to allow IP Based access to StorageAccount in Azure VNet?
- Deploy a container registry containing a python docker code into azure logic apps using a virtual network
- Azure App Service Custom Backup to Firewall Enabled Storage Account not working as expected
- Using Azure WAF for my server(not in Azure)
- Azure Key Vault Disabled public access, how to access it through the portal via internet
- Azure - difference between service endpoint and private endpoint in simple terms
- Virtual network warns about address overlap with itself
- Bicep: How can I optionally set a property?
- Github deploy code Fails where Func app in Vnet - auth error using OIDC
- Terraform - How to find Azure Kubernetes AKS vnet ID for network peering
- Private and Service Endpoints together
- Why would a fixed public IP be lost when updating an app service in Azure
- Copy fileshare data between the subscriptions - here the target subscription is in virtual network
- Set up of virtual network integration with 2 app service plan within a single subnet
- Allow azure services(web application) to access the Storage Account using the Exception
- Azure Route Server
- Azure Network Function Manager
- Reach an Azure VMs from a pod in Azure K8s cluster located in a different VNet
- When to use Azure Network interfaces' application_gateway_backend_address_pools
- Azure Point-to-Site VPN auth logging
- Connect to Azure function app with private endpoint over VPN point to site
- Creating Azure DEV TEST environment, creates overlapping address space