Skip navigation

Private Link

Private access to services hosted on the Azure platform, keeping your data on the Microsoft network

Connect and deliver services privately on Azure

Azure Private Link provides private connectivity from a virtual network to Azure platform as a service (PaaS), customer-owned or Microsoft partner services. It simplifies the network architecture and secures the connection between endpoints in Azure by eliminating data exposure to the public Internet.

Private connectivity to services on Azure – traffic remains on the Microsoft network, with no public Internet access

Integration with on-premises and peered networks

Protection against data exfiltration for Azure resources

Services delivered directly to your customers’ virtual networks

How it works

Use Private Link to bring services delivered on Azure into your private virtual network by mapping it to a private endpoint. Or privately deliver your own services in your customers’ virtual networks. All traffic to the service can be routed through the private endpoint, so no gateways, NAT devices, ExpressRoute or VPN connections, or public IP addresses are needed. Private Link keeps traffic on the Microsoft global network.

Learn more

Protect Azure services against data exfiltration

Use Private Link to map private endpoints to Azure PaaS resources. In the event of a security incident within your network, only the mapped resource would be accessible, eliminating the threat of data exfiltration.

Get access from on-premises and peered networks

Access private endpoints over private peering or VPN tunnels from on-premises or peered virtual networks. Microsoft hosts the traffic, so you don’t need to set up public peering or use the Internet to migrate your workloads to the cloud.

Simplify the way you consume services on Azure

Privately consume Azure PaaS, Microsoft partner and your own services in your virtual networks on Azure. Private Link works across Azure Active Directory (Azure AD) tenants to help unify your experience across services. Send, approve or reject requests directly, without permissions or role-based access controls.

Achieve enhanced security and compliance

Private Link carries traffic privately – your data isn’t on the Internet. Service is mapped to Azure Virtual Networks through a private endpoint, which reduces your exposure to threats and helps you meet compliance standards.

Connect to services around the world

Connect privately to services running in other Azure regions. Private Link is global and has no regional restrictions.

Private Link offers simplified pricing

  • Only pay for private endpoint resource hours and the data processed through your private endpoint.

Developer resources

Documentation

Read the documentation to get up and running with Private Link.

Quickstarts and samples

Create a Private Link service or a private endpoint and view Azure portal, PowerShell and CLI samples.

Start using Private Link today

Get instant access and a $200 credit by signing up for an Azure free account.

Sign in to the Azure portal and select Azure Private Link.

Explore the Private Link documentation.

Trusted by companies of all sizes

"Azure Private Link will provide our joint customers the ability to establish secure and private connectivity between their Snowflake account and their infrastructure, whether it's running on Azure or on-premises."

Christian Kleinerman, VP of Product, Snowflake

"Azure Private Link adds to the security capabilities that are already available in MongoDB Atlas. Our joint customers can now establish private, unidirectional, and transitive connection between their environment and their Atlas deployment, allowing them to access their data simply and securely."

Andrew Davidson, VP of Cloud Products at MongoDB
MongoDB

"Azure Private Link enables our most security-conscious, joint customers to establish secure, one-way private connections from their Azure VNet and on-premises network to Confluent's platform for data in motion without the risk of data exfiltration or the need for complex IP address coordination."

Ganesh Srinivasan, Chief Product & Engineering Officer, Confluent
Confluent

"Elastic Cloud is the best way to run Elasticsearch and Kibana and leverage their powerful features for Observability, Security and Search. As part of our strategic partnership with Microsoft, we've integrated Elastic Cloud with Azure Private Link to allow our customers to move data more securely between their vNet and their Elastic Cloud deployments. Together with the ease of use of Private Link, this helps us to better serve business-critical customer workloads on Azure, ensuring that they can benefit from the highest standards of security and data protection."

Uri Cohen, Product Lead, Cloud at Elastic
Elastic

Frequently asked questions about Private Link

  • We guarantee that Private Link will be available at least 99.99% of the time. To learn more, please visit the SLA page.
  • Support is available through the Azure portal.

Get started with Private Link