Replicating AWS VPC-Endpoint Policies on Azure Private Endpoints for Granular Access Control

Omer Cohen 65 Reputation points
2024-12-11T10:25:01.9966667+00:00

How can we replicate AWS' VPC-endpoint policy on Azure's private-endpoint for granular access control?
This example illustrates restricting access to a specific S3 bucket.
As far as I can tell, an Azure private endpoint can be associated with a single storage account and is restricted to a single type of resource, e.g., containers, but cannot be restricted to a specific container (==S3 prefix/folder), when considering configurations that can be made from the private-endpoint.

Many thanks,
Omer.

Azure Private Link
An Azure service that provides private connectivity from a virtual network to Azure platform as a service, customer-owned, or Microsoft partner services.

Accepted answer
  1. KapilAnanth-MSFT 48,261 Reputation points Microsoft Employee
    2024-12-11T11:29:36.7766667+00:00

    @Omer Cohen ,

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    Currently, a private endpoint cannot be used to provide granular control over containers within a Blob.

    For this requirement,

    Hope this helps

    Kindly let us know if this helps or you need further assistance on this issue.

    Thanks,

    Kapil


    Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

    1 person found this answer helpful.
