This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I am deploying PEs in my Vnet (dedicated Snet) that are linked to Web App resources deployed with Vnet integration. My understanding is that I need to add A records in the Private DNS Zone. This is turning out to be a lot harder than I would have expected.
How do I add my DNS records in this scenario since I can't add the records until I have deployed my PEs (need the IPs)? Any suggestions on best practices? I've gone in multiple different directions and still haven't found a solution that works effectively.
My thinking is to build an output based on something like this so that I can get each PE details, but I can't seem to get it right. Or maybe there is a better way?
param privateEndpoints array
// Deploy Private Endpoints
resource privateEndpoint 'Microsoft.Network/privateEndpoints@2024-05-01' = [for pe in privateEndpoints: {
name: pe.name
location: pe.location
properties: {
subnet: {
id: pe.properties.subnetId
}
privateLinkServiceConnections: [
{
name: 'link-to-${pe.name}' // Logical name for the private link service connection
properties: {
privateLinkServiceId: pe.properties.privateLinkServiceId // Reference the service being linked to
groupIds: pe.properties.groupIds
}
}
]
}
}]
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Try https://learn.microsoft.com/en-us/azure/private-link/create-private-endpoint-bicep?tabs=CLI
If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.
hth
Marcin
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 81%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Hi @Lee Johnson
Welcome to the Microsoft Q&A Platform! Thank you for asking your question here.
Adding to @Marcin Policht,
Please go through the below points:
Kindly let us know if the above helps or you need further assistance on this issue.
If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution.
Thanks,
Sai.
Hi @Lee Johnson,
Hope you are having a great day.
Just checking in to see if you have got a chance to see my response to your question in resolving the issue.
If you are still facing any further issues, please don't hesitate to reach out to us. We are happy to assist you.
Thanks,
Sai.
Hi @Lee Johnson,
Hope you are having a great day.
Just checking in to see if you have got a chance to see my response to your question in resolving the issue.
If you are still facing any further issues, please don't hesitate to reach out to us. We are happy to assist you.
Thanks,
Sai.
Try https://learn.microsoft.com/en-us/azure/private-link/create-private-endpoint-bicep?tabs=CLI
If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.
hth
Marcin
Really it's great and am very thankful to Microsoft and valuable experts efforts. I learn so much from this. Thank you so much.
Though not very well documented, the correct way to do this is to use Private DNS Zone Groups tied to each Private Endpoint. This is the only official documentation I could find: (https://learn.microsoft.com/en-us/azure/private-link/private-endpoint-dns-integration?source=recommendations#private-dns-zone-group)
Some key points:
It will look something like this:
param privateEndpoints array
resource privateEndpointDnsGroup 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2024-05-01' = [for pe in privateEndpoints: {
name: '${pe.name}/default'
properties: {
privateDnsZoneConfigs: [
{
name: '${pe.name}-config'
properties: {
privateDnsZoneId: pe.dnsZone
}
}
]
}
}]