Share via

az network private-endpoint

Manage private endpoints.

Commands

Name Description Type Status
az network private-endpoint asg

Manage private endpoint application security groups.

 Core GA
az network private-endpoint asg add

Add a private endpoint application security group.

 Core GA
az network private-endpoint asg list

List application security group within a private endpoint.

 Core GA
az network private-endpoint asg remove

Remove a private endpoint application security group.

 Core GA
az network private-endpoint asg wait

Place the CLI in a waiting state until a condition is met.

 Core GA
az network private-endpoint create

Create a private endpoint.

 Core GA
az network private-endpoint delete

Delete a private endpoint.

 Core GA
az network private-endpoint dns-zone-group

Manage private endpoint dns zone group.

 Core GA
az network private-endpoint dns-zone-group add

Add a private endpoint dns zone into a dns zone group.

 Core GA
az network private-endpoint dns-zone-group create

Create a private endpoint dns zone group.

 Core GA
az network private-endpoint dns-zone-group delete

Delete a private endpoint dns zone group.

 Core GA
az network private-endpoint dns-zone-group list

List all private endpoint dns zone groups.

 Core GA
az network private-endpoint dns-zone-group remove

Remove a private endpoint dns zone into a dns zone group.

 Core GA
az network private-endpoint dns-zone-group show

Show a private endpoint dns zone group.

 Core GA
az network private-endpoint dns-zone-group wait

Place the CLI in a waiting state until a condition is met.

 Core GA
az network private-endpoint ip-config

Manage private endpoint ip configurations.

 Core GA
az network private-endpoint ip-config add

Add a private endpoint ip configuration.

 Core GA
az network private-endpoint ip-config list

List ip configuration within a private endpoint.

 Core GA
az network private-endpoint ip-config remove

Remove a private endpoint ip configuration.

 Core GA
az network private-endpoint ip-config wait

Place the CLI in a waiting state until a condition is met.

 Core GA
az network private-endpoint list

List private endpoints.

 Core GA
az network private-endpoint list-types

Returns all of the resource types that can be linked to a Private Endpoint in this subscription in this region.

 Core GA
az network private-endpoint show

Get the details of a private endpoint.

 Core GA
az network private-endpoint update

Update a private endpoint.

 Core GA
az network private-endpoint wait

Place the CLI in a waiting state until a condition is met.

 Core GA

az network private-endpoint create

Edit

Create a private endpoint.

az network private-endpoint create --connection-name
                                   --name
                                   --private-connection-resource-id
                                   --resource-group
                                   --subnet
                                   [--acquire-policy-token]
                                   [--app-gateway-ip-configs --application-gateway-ip-configurations]
                                   [--asg --asgs]
                                   [--change-reference]
                                   [--default-outbound-access --outbound-access {0, 1, f, false, n, no, t, true, y, yes}]
                                   [--edge-zone]
                                   [--group-id --group-ids]
                                   [--ip-config --ip-configs]
                                   [--ip-version-type {DualStack, IPv4, IPv6}]
                                   [--ipam-pool-prefix-allocations --ipam-prefix-allocs]
                                   [--location]
                                   [--manual-request {0, 1, f, false, n, no, t, true, y, yes}]
                                   [--nic-name]
                                   [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                                   [--request-message]
                                   [--service-gateway]
                                   [--sharing-scope {DelegatedServices, Tenant}]
                                   [--tags]
                                   [--vnet-name]

Examples

Create a private endpoint.

az network private-endpoint create -g MyResourceGroup -n MyPE --vnet-name MyVnetName --subnet MySubnet --private-connection-resource-id "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MyResourceGroup/providers/Microsoft.Network/privateLinkServices/MyPLS" --connection-name tttt -l centralus

Create a private endpoint with ASGs.

az network private-endpoint create -n MyPE -g MyResourceGroup --vnet-name MyVnetName --subnet MySubnet --connection-name MyConnectionName --group-id MyGroupId --private-connection-resource-id MyResourceId --asg id=MyAsgId --asg id=MyAsgId

Create a private endpoint with ip-configs.

az network private-endpoint create -n MyPE -g MyResourceGroup --vnet-name MyVnetName --subnet MySubnet --connection-name MyConnectionName --group-id MyGroupId --private-connection-resource-id MyResourceId --ip-configs [{name:Myipconfig1,group-id:MyGroupId ,member-name:MyMemberName,private-ip-address:10.0.0.4},{name:Myipconfig2,private-ip-address:10.0.0.6}]

Required Parameters

--connection-name

Name of the private link service connection.

--name -n

Name of the private endpoint.

--private-connection-resource-id

The resource id of the private endpoint to connect to.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subnet

Name or ID of an existing subnet. If name specified, also specify --vnet-name. If you want to use an existing subnet in other resource group or subscription, please provide the ID instead of the name of the subnet and do not specify the--vnet-name.

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--acquire-policy-token

Acquiring an Azure Policy token automatically for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--app-gateway-ip-configs --application-gateway-ip-configurations

Application gateway IP configurations of virtual network resource. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Property Value
Parameter group: Properties Arguments
--asg --asgs

The private endpoint application security groups. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more. Singular flags: --asg.

Property Value
Parameter group: Application Security Group Arguments
--change-reference

The related change reference ID for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--default-outbound-access --outbound-access

Set this property to false to disable default outbound connectivity for all VMs in the subnet.

Property Value
Parameter group: Properties Arguments
Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--edge-zone

The name of edge zone.

--group-id --group-ids

The ID of the group obtained from the remote resource that this private endpoint should connect to. You can use "az network private-link-resource list" to obtain the supported group ids. You must provide this except for PrivateLinkService., Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--ip-config --ip-configs

The private endpoint ip configurations. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more. Singular flags: --ip-config.

Property Value
Parameter group: Static IP Configuration Arguments
--ip-version-type

Specifies the IP version type for the private IPs of the private endpoint. If not defined, this defaults to IPv4.

Property Value
Parameter group: Properties Arguments
Default value: IPv4
Accepted values: DualStack, IPv4, IPv6
--ipam-pool-prefix-allocations --ipam-prefix-allocs

A list of IPAM Pools for allocating IP address prefixes. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Property Value
Parameter group: Properties Arguments
--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

--manual-request

Use manual request to establish the connection. Configure it as 'true' when you don't have access to the subscription of private link service.

Property Value
Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--nic-name

The custom name of the network interface attached to the private endpoint.

--no-wait

Do not wait for the long-running operation to finish.

Property Value
Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--request-message

A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars.

--service-gateway

Reference to an existing service gateway. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Property Value
Parameter group: Properties Arguments
--sharing-scope

Set this property to Tenant to allow sharing subnet with other subscriptions in your AAD tenant. This property can only be set if defaultOutboundAccess is set to false, both properties can only be set if subnet is empty.

Property Value
Parameter group: Properties Arguments
Accepted values: DelegatedServices, Tenant
--tags

Space-separated tags: key[=value] [key[=value]...]. Use "" to clear existing tags. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--vnet-name

The virtual network (VNet) associated with the subnet (Omit if supplying a subnet id).

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az network private-endpoint delete

Edit

Delete a private endpoint.

az network private-endpoint delete [--acquire-policy-token]
                                   [--change-reference]
                                   [--ids]
                                   [--name]
                                   [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                                   [--resource-group]
                                   [--subscription]

Examples

Delete a private endpoint.

az network private-endpoint delete --name MyPrivateEndpoint --resource-group MyResourceGroup

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--acquire-policy-token

Acquiring an Azure Policy token automatically for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--change-reference

The related change reference ID for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

Property Value
Parameter group: Resource Id Arguments
--name -n

Name of the private endpoint.

Property Value
Parameter group: Resource Id Arguments
--no-wait

Do not wait for the long-running operation to finish.

Property Value
Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Property Value
Parameter group: Resource Id Arguments
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Property Value
Parameter group: Resource Id Arguments
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az network private-endpoint list

Edit

List private endpoints.

az network private-endpoint list [--max-items]
                                 [--next-token]
                                 [--resource-group]

Examples

List private endpoints.

az network private-endpoint list -g MyResourceGroup

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--max-items

Total number of items to return in the command's output. If the total number of items available is more than the value specified, a token is provided in the command's output. To resume pagination, provide the token value in --next-token argument of a subsequent command.

Property Value
Parameter group: Pagination Arguments
--next-token

Token to specify where to start paginating. This is the token value from a previously truncated response.

Property Value
Parameter group: Pagination Arguments
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az network private-endpoint list-types

Edit

Returns all of the resource types that can be linked to a Private Endpoint in this subscription in this region.

az network private-endpoint list-types [--acquire-policy-token]
                                       [--change-reference]
                                       [--location]
                                       [--max-items]
                                       [--next-token]
                                       [--resource-group]

Examples

List all of the resource types

az network private-endpoint list-types -l centralus

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--acquire-policy-token

Acquiring an Azure Policy token automatically for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--change-reference

The related change reference ID for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>. When not specified, the location of the resource group will be used.

--max-items

Total number of items to return in the command's output. If the total number of items available is more than the value specified, a token is provided in the command's output. To resume pagination, provide the token value in --next-token argument of a subsequent command.

Property Value
Parameter group: Pagination Arguments
--next-token

Token to specify where to start paginating. This is the token value from a previously truncated response.

Property Value
Parameter group: Pagination Arguments
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az network private-endpoint show

Edit

Get the details of a private endpoint.

az network private-endpoint show [--expand]
                                 [--ids]
                                 [--name]
                                 [--resource-group]
                                 [--subscription]

Examples

Get the details of a private endpoint

az network private-endpoint show --name MyPrivateEndpoint --resource-group MyResourceGroup

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--expand

Expands referenced resources.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

Property Value
Parameter group: Resource Id Arguments
--name -n

Name of the private endpoint.

Property Value
Parameter group: Resource Id Arguments
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Property Value
Parameter group: Resource Id Arguments
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Property Value
Parameter group: Resource Id Arguments
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az network private-endpoint update

Edit

Update a private endpoint.

az network private-endpoint update [--acquire-policy-token]
                                   [--add]
                                   [--change-reference]
                                   [--force-string {0, 1, f, false, n, no, t, true, y, yes}]
                                   [--ids]
                                   [--ip-version-type {DualStack, IPv4, IPv6}]
                                   [--name]
                                   [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                                   [--remove]
                                   [--request-message]
                                   [--resource-group]
                                   [--set]
                                   [--subscription]
                                   [--tags]

Examples

Update a private endpoint.

az network private-endpoint update -g MyResourceGroup -n MyPE --request-message "test" --tags mytag=hello

Update a private endpoint.

az network private-endpoint update --name MyPE --resource-group MyResourceGroup --set useRemoteGateways=true

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--acquire-policy-token

Acquiring an Azure Policy token automatically for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

Property Value
Parameter group: Generic Update Arguments
--change-reference

The related change reference ID for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

Property Value
Parameter group: Generic Update Arguments
Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

Property Value
Parameter group: Resource Id Arguments
--ip-version-type

Specifies the IP version type for the private IPs of the private endpoint. If not defined, this defaults to IPv4.

Property Value
Parameter group: Properties Arguments
Accepted values: DualStack, IPv4, IPv6
--name -n

Name of the private endpoint.

Property Value
Parameter group: Resource Id Arguments
--no-wait

Do not wait for the long-running operation to finish.

Property Value
Accepted values: 0, 1, f, false, n, no, t, true, y, yes
--remove

Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.

Property Value
Parameter group: Generic Update Arguments
--request-message

A message passed to the owner of the remote resource with this connection request. Restricted to 140 chars.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Property Value
Parameter group: Resource Id Arguments
--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.

Property Value
Parameter group: Generic Update Arguments
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Property Value
Parameter group: Resource Id Arguments
--tags

Space-separated tags: key[=value] [key[=value]...]. Use "" to clear existing tags. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False

az network private-endpoint wait

Edit

Place the CLI in a waiting state until a condition is met.

az network private-endpoint wait [--acquire-policy-token]
                                 [--change-reference]
                                 [--created]
                                 [--custom]
                                 [--deleted]
                                 [--exists]
                                 [--expand]
                                 [--ids]
                                 [--interval]
                                 [--name]
                                 [--resource-group]
                                 [--subscription]
                                 [--timeout]
                                 [--updated]

Optional Parameters

The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.

--acquire-policy-token

Acquiring an Azure Policy token automatically for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--change-reference

The related change reference ID for this resource operation.

Property Value
Parameter group: Global Policy Arguments
--created

Wait until created with 'provisioningState' at 'Succeeded'.

Property Value
Parameter group: Wait Condition Arguments
Default value: False
--custom

Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].

Property Value
Parameter group: Wait Condition Arguments
--deleted

Wait until deleted.

Property Value
Parameter group: Wait Condition Arguments
Default value: False
--exists

Wait until the resource exists.

Property Value
Parameter group: Wait Condition Arguments
Default value: False
--expand

Expands referenced resources.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

Property Value
Parameter group: Resource Id Arguments
--interval

Polling interval in seconds.

Property Value
Parameter group: Wait Condition Arguments
Default value: 30
--name -n

Name of the private endpoint.

Property Value
Parameter group: Resource Id Arguments
--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Property Value
Parameter group: Resource Id Arguments
--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Property Value
Parameter group: Resource Id Arguments
--timeout

Maximum wait in seconds.

Property Value
Parameter group: Wait Condition Arguments
Default value: 3600
--updated

Wait until updated with provisioningState at 'Succeeded'.

Property Value
Parameter group: Wait Condition Arguments
Default value: False
Global Parameters
--debug

Increase logging verbosity to show all debug logs.

Property Value
Default value: False
--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

Property Value
Default value: False
--output -o

Output format.

Property Value
Default value: json
Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

Property Value
Default value: False