Azure Monitor Private Link

Overview

  • Connect privately to Azure Monitor without opening up any public network access
  • Ensure your monitoring data is only accessed through authorized private networks
  • Prevent data exfiltration from your private networks by defining specific Azure Monitor resources that connect through your private endpoint
  • Keep all traffic inside the Microsoft Azure backbone network

Feature Assessment

  • Connect activity log to a log analytics workspace for injection test
  • Teams SSO bot web app is linked to an application insight
  • Azure Window Sever 2019 Virtual Machine for private link validation from Azure portal
    (To save cost, I provisioned spot instance Standard_A2_V2 SKU VM, which is listed as 1/6 of the regular price, even though the actual charged price is around $0.08/hour, but it still saves a lot)
> api.loganalytics.io
Server: UnKnown
Address: 168.63.129.16
Non-authoritative answer:
Name: azmon-prod-eus-0-ingress-draft.eastus.cloudapp.azure.com
Address: 20.49.109.80
Aliases: api.loganalytics.io
api.monitor.azure.com
api.privatelink.monitor.azure.com
draftprodoms.trafficmanager.net

Conclusion

Appendix

--

--

--

All blogs are strictly personal and do not reflect the views of my employer, focus on cloud networking, cloud security and MS identity platform.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Easy Steps to Use Dropdown Tree with Organization Structures in ASP.NET MVC Applications

Easy Steps to Use Dropdown Tree with Organization Structures in ASP.NET MVC Applications

Project 6: Serial Communication

from fit6 http://ift.tt/2kfupcZ via alanafalk.jimdo.com

9 subjects you can teach using Code!!

Using spring boot in VS Code

Coding Interview: Big O Notation in a Nutshell

Basic writing and formatting syntax

Implement Social login with OAuth 2.0

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Cloud Journey

Cloud Journey

All blogs are strictly personal and do not reflect the views of my employer, focus on cloud networking, cloud security and MS identity platform.

More from Medium

Deploy Zscaler App Connector in Azure using Infrastructure-as-Code with Bicep Language

Automatic Update of API in Azure API Management using Terraform and Swagger

AZURE AD APP REGISTRATION — CREATE APPLICATION USING MS GRAPH API AND POWERSHELL

Self-Host Your Azure Pipeline Agents in Kubernetes and Scale Them On Demand