Skip to main content

Migration of Azure Virtual Network injected Azure Data Explorer cluster to Private Endpoints

Published date: December 04, 2023

Azure Data Explorer (ADX) is a fast and scalable data analytics service that enables you to explore and analyze large volumes of diverse data. ADX supports different network security models to protect your data and control the access to your cluster. One of these models is Virtual Network (VNet) injection, which allows you to deploy your ADX cluster inside your own VNet and apply network policies and rules.

However, VNet injection has some limitations and drawbacks, such as increased complexity, reduced scalability, and dependency on public IP addresses. Therefore, we recommend that you migrate your VNet injected ADX cluster to a new network security model based on Azure Private Endpoints. Private endpoints enable you to connect to your ADX cluster using a private IP address within your VNet, without the need for public IP addresses.

We are excited to announce that we have released a preview feature that allows you to migrate your VNet injected ADX cluster to Private Endpoints with minimal downtime and disruption. The migration process is simple and can be done using the Azure portal, the ARM template, or any code which uses the ADX SDK.

To learn more about the migration process, the prerequisites, and the steps to follow, please read our detailed documentation article: Migrate Virtual Network injected Azure Data Explorer cluster

We appreciate your feedback and suggestions on this preview feature.

  • Azure Data Explorer
  • Azure Private Link
  • Features
  • Security