Azure Key Vault—Private endpoints now available in preview
Published date: February 07, 2020
Establish a private connection between Azure Key Vault and other Azure services by using Azure Private Link, now available in preview for all public regions.
Azure Private Link enables you to access Azure services (for example, Azure Key Vault, Azure Storage, and Azure Cosmos DB) and Azure hosted customer/partner services over a private endpoint in your virtual network.
An Azure private endpoint is a network interface that connects you privately and securely to a service powered by Azure Private Link. The private endpoint uses a private IP address from your virtual network, effectively bringing the service into your virtual network. All traffic to the service can be routed through the private endpoint, so no gateways, NAT devices, ExpressRoute or VPN connections, or public IP addresses are needed. Traffic between your virtual network and the service traverses over the Microsoft backbone network, eliminating exposure from the public Internet. Use it to connect to an instance of an Azure resource, giving you the highest level of granularity in access control.
To get started, read the documentation.