Document Details
Private Link Service
❌
This page contains Windows bias
About This Page
This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
Bias Analysis
Bias Types:
⚠️
powershell_heavy
⚠️
windows_first
⚠️
missing_linux_example
⚠️
windows_tools
Summary:
The documentation demonstrates a Windows bias by providing only Azure PowerShell examples for CLI-based configuration, referencing the creation of a Windows virtual machine for validation, and omitting equivalent Linux/Bash or Azure CLI examples. The validation steps specifically mention using a Windows VM and do not address Linux alternatives. There is no mention of Linux tools or cross-platform command-line instructions.
Recommendations:
- Add equivalent Azure CLI (az) examples for creating and managing private endpoints, as Azure CLI is cross-platform and widely used on Linux and macOS.
- Include instructions for creating and validating the setup using a Linux virtual machine, with appropriate screenshots and command-line examples.
- When providing command-line validation steps (e.g., nslookup), clarify that these commands work on both Windows and Linux, and show example outputs from both environments.
- Avoid referencing only Windows-specific resources or tools (such as Azure PowerShell or Windows VM creation guides) without mentioning or linking to Linux equivalents.
- Consider reordering examples or providing parallel instructions for both Windows and Linux users to ensure parity and inclusivity.
Create pull request
Scan History
| Date | Scan ID | Status | Bias Status |
|---|---|---|---|
| 2025-07-12 23:44 | #41 | in_progress | ❌ Biased |
| 2025-07-12 00:58 | #8 | cancelled | ✅ Clean |
| 2025-07-10 05:06 | #7 | processing | ✅ Clean |
Flagged Code Snippets
## Manage private endpoints using Azure portal
When you create a private endpoint, the connection must be approved. If the resource (Relay namespace) for which you're creating a private endpoint is in your directory, you can approve the connection request provided you've manage privileges over the Relay namespace. If you're connecting to a Relay namespace for which you don't have the manage access, you must wait for the owner of that resource to approve your connection request.
There are four provisioning states:
| Service action | Service consumer private endpoint state | Description |
|--|--|--|
| None | Pending | Connection is created manually and is pending approval from the Azure Relay namespace owner. |
| Approve | Approved | Connection was automatically or manually approved and is ready to be used. |
| Reject | Rejected | Connection was rejected by the Azure Relay namespace owner. |
| Remove | Disconnected | Connection was removed by the Azure Relay namespace owner. The private endpoint becomes informative and should be deleted for cleanup. |
### Approve, reject, or remove a private endpoint connection
1. Sign in to the Azure portal.
1. In the search bar, type in **Relay**.
1. Select the **namespace** that you want to manage.
1. Select the **Networking** tab.
5. Go to the appropriate section below based on the operation you want to: approve, reject, or remove.
### Approve a private endpoint connection
1. If there are any connections that are pending, you see a connection listed with **Pending** in the provisioning state.
2. Select the **private endpoint** you wish to approve
3. Select the **Approve** button.
:::image type="content" source="./media/private-link-service/private-endpoint-approve.png" alt-text="Screenshot showing the Approve button on the command bar for the selected private endpoint.":::
4. On the **Approve connection** page, enter an optional **comment**, and select **Yes**. If you select **No**, nothing happens.
:::image type="content" source="./media/private-link-service/approve-connection-page.png" alt-text="Screenshot showing the Approve connection page asking for your confirmation.":::
5. You should see the status of the connection in the list changed to **Approved**.
### Reject a private endpoint connection
1. If there are any private endpoint connections you want to reject, whether it's a pending request or existing connection that was approved earlier, select the endpoint connection and select the **Reject** button.
:::image type="content" source="./media/private-link-service/private-endpoint-reject.png" alt-text="Screenshot showing the Reject button on the command bar for the selected private endpoint.":::
2. On the **Reject connection** page, enter an optional comment, and select **Yes**. If you select **No**, nothing happens.
:::image type="content" source="./media/private-link-service/reject-connection-page.png" alt-text="Screenshot showing the Reject connection page asking for your confirmation.":::
3. You should see the status of the connection in the list changed **Rejected**.
### Remove a private endpoint connection
1. To remove a private endpoint connection, select it in the list, and select **Remove** on the toolbar.
:::image type="content" source="./media/private-link-service/remove-endpoint.png" alt-text="Screenshot showing the Remove button on the command bar for the selected private endpoint.":::
2. On the **Delete connection** page, select **Yes** to confirm the deletion of the private endpoint. If you select **No**, nothing happens.
:::image type="content" source="./media/private-link-service/delete-connection-page.png" alt-text="Screenshot showing the Delete connection page asking you for the confirmation.":::
3. You should see the status changed to **Disconnected**. Then, you won't see the endpoint in the list.
## Validate that the private link connection works
You should validate that resources within the virtual network of the private endpoint are connecting to your Azure Relay namespace over its private IP address.
For this test, create a virtual machine by following the steps in the [Create a Windows virtual machine in the Azure portal](/azure/virtual-machines/windows/quick-create-portal)
In the **Networking** tab:
1. Specify **Virtual network** and **Subnet**. Select the Virtual Network on which you deployed the private endpoint.
2. Specify a **public IP** resource.
3. For **NIC network security group**, select **None**.
4. For **Load balancing**, select **No**.
Connect to the VM and open the command line and run the following command: