How to create NSG behind private endpoint and how can i enable flow logs for this NSG?

Rachana Pole 5 Reputation points
2024-07-25T05:26:07.6766667+00:00

Hi team,

I have two questions here on NSG:

  1. How can I create NSG behind private endpoints?
  2. Can I enable flow logs for NSG behind private endpoint? If yes, how can I do that?
Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,576 questions
Azure Network Watcher
Azure Network Watcher
An Azure service that is used to monitor, diagnose, and gain insights into network performance and health.
177 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. KapilAnanth-MSFT 48,081 Reputation points Microsoft Employee
    2024-07-25T05:54:54.82+00:00

    @Rachana Pole ,

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    I am afraid I did not understand your requirement.

    What exactly do you mean by "NSG behind private endpoints" ?

    • Do you mean to say you are planning to associate an NSG to a subnet that contains Private EndPoint?

    If so,

    Q1.

    • Yes, Private EndPoints honor NSGs that are attached to the subnet in which the PE is deployed into.
    • Provided that Network policies for private endpoints is enabled at the subnet
      • This will be enabled by default on recent deployments but feel free to verify it.
      • The above link specifies how you can enable/disable it via Portal itself.

    Q2.

    If my understanding of your requirement is incorrect, please elaborate and I shall try my best to address your queries.

    Thanks,

    Kapil


    Please Accept an answer if correct.

    Original posters help the community find answers faster by identifying the correct answer.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.