General availability: Application security groups support for private endpoints
Published date: January 24, 2023
Private endpoint support for application security groups (ASGs) is now generally available. This feature enhancement will allow you to add granular controls on top of existing network security group (NSG) rules by attaching an ASG to the private endpoint network interface. This will increase segregation within your subnets without losing security rules. In order to leverage this feature, you will need to set a specific subnet level property, called PrivateEndpointNetworkPolicies, to enabled on the subnet containing private endpoint resources.
At this time, Private Link application security group support is available in most public regions.
This feature will be available in the following regions at this time:
US East, US West, US North, US South, US Central, US East 2, Europe North, Europe West, Asia East, Asia South East, Japan East, Japan West, Brazil South, Australia East, Australia South East, India Central, India South, Canada Central, Canada East, US West 2, US West Central, UK West, UK South, Korea South, Korea Central, France South, France Central, Australia Central, South Africa North, United Arab Emirates Central, United Arab Emirates North, Switzerland North, Switzerland West, Germany North, Germany West Central, Norway East, Norway West, US West 3, Jio India Central, Jio India West, Sweden South, Sweden Central, Qatar Central, US Central Early Updates Access Program, US East 2 Early Updates Access Program
Overview of application security groups:
Azure application security groups overview | Microsoft Docs
How it works:
Configure an application security group with a private endpoint - Azure Private Link | Microsoft Learn
Managing private endpoint network policies:
Managing network policies for private endpoints - Azure Private Link | Microsoft Docs
Overview of network security groups:
Azure network security groups overview | Microsoft Docs
What is Private Link: