Private access to services hosted on the Azure platform, keeping your data on the Microsoft network
Connect and deliver services privately on Azure
Azure Private Link provides private connectivity from a virtual network to Azure platform as a service (PaaS), customer-owned or Microsoft partner services. It simplifies the network architecture and secures the connection between endpoints in Azure by eliminating data exposure to the public Internet.
Private connectivity to services on Azure – traffic remains on the Microsoft network, with no public Internet access
Integration with on-premises and peered networks
Protection against data exfiltration for Azure resources
Services delivered directly to your customers’ virtual networks
How it works
Use Private Link to bring services delivered on Azure into your private virtual network by mapping it to a private endpoint. Or privately deliver your own services in your customers’ virtual networks. All traffic to the service can be routed through the private endpoint, so no gateways, NAT devices, ExpressRoute or VPN connections, or public IP addresses are needed. Private Link keeps traffic on the Microsoft global network.Learn more
Protect Azure services against data exfiltration
Use Private Link to map private endpoints to Azure PaaS resources. In the event of a security incident within your network, only the mapped resource would be accessible, eliminating the threat of data exfiltration.
Get access from on-premises and peered networks
Access private endpoints over private peering or VPN tunnels from on-premises or peered virtual networks. Microsoft hosts the traffic, so you don’t need to set up public peering or use the Internet to migrate your workloads to the cloud.
Simplify the way you consume services on Azure
Privately consume Azure PaaS, Microsoft partner and your own services in your virtual networks on Azure. Private Link works across Azure Active Directory (Azure AD) tenants to help unify your experience across services. Send, approve or reject requests directly, without permissions or role-based access controls.
Achieve enhanced security and compliance
Private Link carries traffic privately – your data isn’t on the Internet. Service is mapped to Azure Virtual Networks through a private endpoint, which reduces your exposure to threats and helps you meet compliance standards.
Connect to services around the world
Connect privately to services running in other Azure regions. Private Link is global and has no regional restrictions.
Private Link offers simplified pricing
- Only pay for private endpoint resource hours and the data processed through your private endpoint.
Start using Private Link today
Trusted by companies of all sizes
"Azure Private Link will provide our joint customers the ability to establish secure and private connectivity between their Snowflake account and their infrastructure, whether it's running on Azure or on-premises."Christian Kleinerman, VP of Product, Snowflake