Fantastic lecture! Never seen anything so nice and clear out there on the internet. Thanks a mil again John!

Hey everyone, welcome to a deep dive look at Private Link! Please make sure to read the description for the chapters and key information about this video and others. ⚠️ P L E A S E N O T E ⚠️ 🔎 If you are looking for content on a particular topic search the channel. If I have something it will be there! 🕰️ I don't discuss future content nor take requests for future content so please don't ask 😇 Thanks for watching! ☁️🤙💪

Once again you have acted as a babelfish, making the official documentation more comprehensible. Looking back now, I wonder why this seemed so hard for me to grasp! Many thanks for putting your inimitable spin on things. I'm increasing thinking that the official documentation could be enhanced by linking to the "Jon Savill deep dive" for each service!

@NTFAQGuy

2 жыл бұрын

Thanks 🤙

@goon8000

2 жыл бұрын

So very true...!

Uploaded 2 years ago - still very helpful! Thanks for taking the time to record the vid! Had a request to implement private link and needed some pointers. This was a true pleasure to watch.

Best teacher ever. No seriously, thank you. Saves me a lot of reading Microsoft documentation that are sometimes not so straightforward and sometimes can be very confusing. We all struggle with it. Yes Microsoft needs to hire you as the official trainer on all of their Azure documentation and pay for all these videos. Seriously.

@NTFAQGuy

2 жыл бұрын

Haha glad it helps. I don’t want my day job to be a trainer. I like doing this as my hobby :)

Awesome lesson John! I really needed to understand this fully for an implementation at work and I am filled with much more confidence now. Thank you!

Honestly, I use your detailed videos as a guide. At times i would come back and watch a particular segment of the video to confirm my configurations or to better understand a concept. I appreciate you taking the time to create these incredibly useful videos.

You make the confusing so clear. I am a visual learner and this video paired with your DNS videos really cleared a lot of murky concepts in my brain. Thank you so much!

This was a great video. I love the amount of detail. It took me a little bit to understand the private link service discussion and I had to read up a bit more using the microsoft docs, but now everything clicks.

Very useful video John. thanks for all the efforts that goes into making these videos. You rock!

Oh man, your explanation is end to end, easy to unbderstand, direct to the point and sweet to watch. Thatnk a lot for all the effort you put into these awesome videos and lift up others' knowledge for free. You are a True legend! 🤙

Great timing. Appreciate this deep dive, right when I'm troubleshooting private link. Thanks John!

@NTFAQGuy

2 жыл бұрын

Welcome

Thanks John, last week i was searching your channel about Private Enpoint and I don't know how you do it but everytime I search for something I will find it on your channel or it will be released soon after. Again, BIG THANK YOU. :)

@NTFAQGuy

2 жыл бұрын

Happy to help!

Such a lifesaver John, you rock.. Without you, we'd be stuck with having to read long pages of microsoft docs, then grapple with understanding

Have to watch multiple times to wrap my head around all this. One of the best video out there on PLS. Thanks John for your hard work.

@Dechkaon

2 жыл бұрын

@2:29 you mentioned a subnet can be broken down into a subnet. How do you do that? haha i know you meant a vnet can be broken down into subnets... :)

Once again John, your master clases are awesome. Super well explained, straight to the point and covering end to end the topic. Thank you John 👏🏻👏🏻👏🏻👏🏻

Wow! Just Wow! This is one of the best Azure videos I have ever watched in my entire career!! Thank you. I really appreciate your great work in making this subject look so easy.

@NTFAQGuy

2 жыл бұрын

Very welcome 🤙

Been scratching my head about private links and endpoints for a while. Not I have gained a bit of confidence when I speak to our networking guys to ask for what I need when they provision our services. Thanks John!

John, thank you so much for making your hobby something that greatly benefits others. You are a blessing! 😎

@NTFAQGuy

4 ай бұрын

I appreciate that!

Wow! I am pretty new to Azure and this was incredibly informative. Will be tuning back in for more. Thank you and well done!

@NTFAQGuy

2 жыл бұрын

Awesome, welcome to the channel!

John you def have skills and ease with explaining all of that. Appreciate your work here. Using that MS Whiteboard on a large touch screen is absolute hit - we also have them in the office! Keep it up, I'm going to return to this materials as often as I can. Working as CSA on a fin institution - I def find your lecture about PL + PLS as great value.

Really in depth. I so appreciate all your videos! Big help to constantly be learning all of Azure and it's so huge. Thanks John.

@NTFAQGuy

8 ай бұрын

My pleasure!

Just a few weeks a go I figured out the way how to use you own DNS and Azure private zones. It's great to see you're on the same track! Also thanks for the info on Private Link that could be very useful!

@NTFAQGuy

2 жыл бұрын

Glad I could help!

Thanks a lot John! This is a great deep dive session 👍

@NTFAQGuy

2 жыл бұрын

Glad you enjoyed it!

A very big thanks to you! Explanation of Private link was quite exhaustive and lucid. Perfect!

@NTFAQGuy

8 ай бұрын

Glad it was helpful!

Thanks John... Once again, a great deep dive!!!

@NTFAQGuy

2 жыл бұрын

Thanks

I spent somewhere in the realm of 10 hours reading various documentation on this subject and it just wasn't clicking for me. In 10m I was able to understand where I was going wrong. I was looking at it way too traditionally. I wanted to conceptualize that private links lived in their own subnet and route their private traffic. But NO! Endpoints can be assigned to any subnet and accessed by regular means since it's just an IP address. What a unique technology. Thank you John!

Thanks for the video. And for the great work you do for the community. Looking forward for your upcoming materials.

@NTFAQGuy

2 жыл бұрын

Welcome

amazing video ... saved me 2 weeks of documentation reading, blog reading, ....

So you’re basically making the host or service accessible only on the internal network if you will? Just came across your channel as I look to study for some Azure exams. Excellent quality

John, I can't thank you enough for your work. You have an uncommon ability to remove the fog from these sometimes difficult to grasp concepts. I have my team use your content all the time. Excellent!

@ColinGroothius

2 жыл бұрын

One question, when using Azure Private Zones does that still preclude us from using Bastion Service? Thanks.

@NTFAQGuy

2 жыл бұрын

Glad you like them!

@NTFAQGuy

2 жыл бұрын

You just have to watch a couple of zone names, it is not you can't use private zones at all.

Thanks John! Awesome deep dive, really good explanation

@NTFAQGuy

2 жыл бұрын

Glad you enjoyed it!

The best channel to learn some of the hard Azure concepts. Subscribed to it now. In a couple of places on this video, I have to zoom out as the giant bicep muscle was occupying the screen. Along with Azure exercise, I need to do gym exercise as well ..

@NTFAQGuy

2 жыл бұрын

Lol

Excellent! Answered all the questions I had going in. Well-worth the 1-hour investment of time. Thanks John!

Great video! love those deep dives.

@NTFAQGuy

2 жыл бұрын

Thanks 👍

Thanks a lot for this explanation! It cleared up a lot for me.

You are a master communicator. What a fantastic explanation!

@NTFAQGuy

11 ай бұрын

Wow, thanks! Appreciate that

Great Explanation John.

Very helpful! Thanks John.

it's super awesome explanation of the concepts :). thank you

Thanks a lot JS.. helped alot to catch up from fundamentals.

Thank You so much. Great work. Very helpful!

Very good methodology. A lot of time required yet that time with this instructor is well spent.

@NTFAQGuy

6 ай бұрын

Many thanks!

Great great, many thanks to the author for the accurate and clear description of the topic, again many thanks !

Must re-iterate Richard's comments below - had a loose understanding of PLS and this did help the understanding from MS Learn. Great content as per usual JS. 🙂

@NTFAQGuy

2 жыл бұрын

Glad to help!

Thanks for putting the deep dive together.

@NTFAQGuy

2 жыл бұрын

Welcome.

Great lesson taught . thanks sir John

Excellent explained!!

Much respect for you John!

Great content, thanks John.

great explanation. Thank you so much !!

Wow. Nice job. Love it!

Thxs John! Wish I saw this vid last year! I tried this a year ago from onprem via ER to connect to PE / PL, had some issues resolving the PL fqdn (Az SQL ) from onprem. Sorting out the DNS issue was key.

@NTFAQGuy

2 жыл бұрын

Yep, DNS is everything!

All I can say is, where is the tip jar? Your videos have saved me so much time and energy. After watching your videos, I also feel I have a solid understanding of how some of the Azure services work! Keep up the great work!

@NTFAQGuy

Жыл бұрын

Glad can help 🤙

great job!! helped me a lot! :)

Thank You, Very well Explained

This was a **really** useful presentation!

@NTFAQGuy

2 жыл бұрын

Glad to hear that!

I can't thank you enough for these lessons

@NTFAQGuy

3 ай бұрын

You're very welcome!

Great Session

Thanks for this great overview 🙏

@NTFAQGuy

9 ай бұрын

Glad it was helpful!

Awesome clarification.

super cool video, thanks a lot!

You Rock! (or pebble if in the context of tattoos ;) ) One thing, you mentioned the pricing at the end just as peering & in/out. That is correct. But there is an additional one tiny little thing to be aware :) You pay €0.009/$0.01 per private endpoint per hour. Which basically menas €6.57/$7.3 per month. Multiply it by the number of different services and different endpoints (like blob,dfs,web etc.) and it can reach something significant to someone. But that is the price to stay 'private' or 'NATed' anyway :}

@NTFAQGuy

2 жыл бұрын

lol :-D John "The Pebble" Savill :-D and yes re PE pricing.

Thanks a lot ! Very useful concepts !! I don't know if you have the possibility to explaining subtleties that concerns app services and Azure function integration with private endpoints ? Thanks again ;)

@NTFAQGuy

2 жыл бұрын

there is a different video on app service vnet integration

thanks for making it easy :)

Much appreciated John.

@NTFAQGuy

2 жыл бұрын

Welcome!

Another good video. Keep up the good work.

@NTFAQGuy

2 жыл бұрын

Thanks 👍

Thanks for this great video. As far as PLS, why the NAT’ing just don’t use the FE IP of the LB instead of manually allocating IPs from a subnet?

@NTFAQGuy

2 жыл бұрын

It’s a separate service that you may want to see if it came via pls and why limit to only one ip.

Another great video! Your deep dives are always great. Quick qn: If I wanted traffic to my Private Link service to go through a firewall, could I do that? E.g. could I point the Private Link Service to the Front End IP Configuration of an App Gateway instead of a LB?

@NTFAQGuy

2 жыл бұрын

App gateway already has an ip in a vnet. Pls only supports slb. You would need app gateway to support PE if it’s existing ip in vnet was not enough

@va55ag0

2 жыл бұрын

@@NTFAQGuy Thanks. I was thinking about that example you gave about a vendor wanting to offer services to untrusted clients. That vendor would like to offer their clients the ability to connect to the service via a private endpoint... But still want their traffic to go through a firewall on their side.

@va55ag0

2 жыл бұрын

I suppose I could create an SLB with a backend that points to the private IP address of my Application Gateway... 🤔

At around 08:20 when creating private endpoints and attaching to a stg acct service kind of reminds me of configuring say an equallogic san to allow ESXi hosts to connect to LUNS on the san.

@NTFAQGuy

2 жыл бұрын

cool :-)

Amazing, thanks!

@NTFAQGuy

8 ай бұрын

Glad you like it!

You are the best!!!

Thank’s a lot John

@NTFAQGuy

2 жыл бұрын

Very welcome

ما شاء الله عليك يعطيك القوة

Amazing video! So if NSGs and UDRs are not functional (other than preview) for services using Private Links, you're limited to IAM permissions to enable/block access to the resources like Key Vault, Azure SQL, Azure Storage, etc, correct?

@NTFAQGuy

2 жыл бұрын

or control the target PE address at source but thats painful normally

@jayq7357

2 жыл бұрын

@@NTFAQGuy once you change "allow access from" to "selected networks" that is only applicable to service endpoints, correct?

@NTFAQGuy

2 жыл бұрын

@@jayq7357 will not restrict pe as I said in the video

Great content 👌

@NTFAQGuy

6 ай бұрын

Thank you 🙌

Great video again John - you need to use youtube "thanks" so we can at least buy you a coffee!

@NTFAQGuy

2 жыл бұрын

hehe, very kind but not required. There are others far more deserving! I do appreciate the thought.

Love it

Great tutorial! Thank you. Is it possible to make a storage account only private but have an azure automation account runbook still be able to access it? I checked in resources and trusted services, but could not find it.

@NTFAQGuy

2 жыл бұрын

Hybrid worker in vnet would work I guess

@marcusaurelius3796

2 жыл бұрын

@@NTFAQGuy agreed, that will. I was trying to avoid that step/hop, by utilizing all the "built-in" stuff. I would have hoped MS would allow me trust my own automation account resource on the vnet (or something like that to avoid the hybrid step). Thank you for getting back and for all the effort you put for these sessions. Very helpful.

Legend!!!

Nice video

@NTFAQGuy

2 жыл бұрын

Thanks

What is 'dfs' (alongside with blob etc) listed as subresources under storage account when you create private endpoint

@NTFAQGuy

2 жыл бұрын

Adlsgen2

I am using azure events hub service bus private link and it resolves to azure private dns but I cannot send event due to ssl handshake/dns resolution issue as I am leveraging azure private dns. Is there a way to have a new private dns for private link?

@NTFAQGuy

2 жыл бұрын

I’m not following your problem I’m afraid. I would post more detail to Reddit for more help

@amjds1341

2 жыл бұрын

Sorry for the confusion. We are using custom domain and leveraging Azure private dns for Paas service events hub. We are able to resolve the events hub service bus IP from on prem same but unable to use private dns name from on prem as it points back to original paas IP. Private dns entry is unable to resolve the cname entry i.e. authoritative entry for service bus somehow. Since we get SSL error message and our private dns entry doesn't match with service bus hostname, even though it points to same via private endpoint I would post on reddit for more detail :). Thanks for your response

Comment for engagement !

Thanks to God , we have john to help summary and explain the Azure tech.. that is really really really helpful.John, you saved our life , MS should pay for you.