Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

az network private-endpoint-connection list fails for Private Link Service resources

See original GitHub issue

This is autogenerated. Please review and update as needed.

Describe the bug

Command Name az network private-endpoint-connection list

Errors:

Resource type must be one of Microsoft.Batch/batchAccounts, Microsoft.Automation/automationAccounts, Microsoft.Authorization/resourceManagementPrivateLinks, Microsoft.AppConfiguration/configurationStores, Microsoft.BotService/botServices, Microsoft.Cache/Redis, Microsoft.CognitiveServices/accounts, Microsoft.Compute/diskAccesses, Microsoft.ContainerRegistry/registries, Microsoft.DBforMySQL/servers, Microsoft.DBforMariaDB/servers, Microsoft.DBforPostgreSQL/servers, Microsoft.Devices/IotHubs, Microsoft.DocumentDB/databaseAccounts, Microsoft.DigitalTwins/digitalTwinsInstances, Microsoft.EventGrid/topics, Microsoft.EventGrid/domains, Microsoft.EventHub/namespaces, Microsoft.HDInsight/clusters, Microsoft.HealthcareApis/services, microsoft.insights/privateLinkScopes, Microsoft.KeyVault/managedHSMs, Microsoft.Keyvault/vaults, Microsoft.MachineLearningServices/workspaces, Microsoft.Media/mediaservices, Microsoft.Network/applicationGateways, Microsoft.Purview/accounts, Microsoft.PowerBI/privateLinkServicesForPowerBI, Microsoft.Search/searchServices, Microsoft.ServiceBus/namespaces, Microsoft.SignalRService/signalr, Microsoft.Sql/servers, Microsoft.Storage/storageAccounts, Microsoft.StorageSync/storageSyncServices, Microsoft.Synapse/workspaces, Microsoft.Web/sites, Microsoft.Web/hostingEnvironments, Microsoft.SignalRService/WebPubSub

To Reproduce:

Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.

Deploy a Private Link Service resource and create a private endpoint that needs approval. An easy way to do this is to deploy this sample:

az group deployment create -g MyResourceGroup --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.network/front-door-premium-vm-private-link/azuredeploy.json

Get the resource ID of the Private Link Service resource.
az network private-endpoint-connection list --id resource-id-of-private-link-service

Expected Behavior

This should return a list of private endpoint connections that are associated with the Private Link Service resource.

Note that this behaves correctly for resources like Azure Storage accounts, App Service apps, etc.

Also, note that the same problem here happens when approving connections by using the az network private-endpoint-connection approve command.

Environment Summary

macOS-12.1-arm64-arm-64bit, Darwin 21.2.0
Python 3.10.1
Installer: HOMEBREW

azure-cli 2.32.0

Extensions:
azure-devops 0.22.0

Dependencies:
msal 1.16.0
azure-mgmt-resource 20.0.0

Additional Context

Issue Analytics

State:
Created 2 years ago
Reactions:1
Comments:11 (8 by maintainers)

Top GitHub Comments

1reaction

ZengTaoxucommented, Oct 27, 2022

Hi @simonesavi, I have no way to repeat your question, please provide specific command steps. Or you can try the following command steps: az network vnet create -g {rg} -n {vnet_name} --subnet-name {subnet_name}

az network vnet subnet update -g {rg} --vnet-name {vnet_name} --name {subnet_name} --disable-private-endpoint-network-policies true

storage_id = az storage account create --name {account_name} --resource-group {rg} --query “[].id” -o tsv

group_id = az network private-link-resource list --id {storage_id} --query “[].properties.groupId” -o tsv

az network private-endpoint create -g {rg} -n {endpoint_name} --vnet-name {vnet_name} --subnet {subnet_name} --private-connection-resource-id {storage_id} --connection-name {endpoint_connection_name} --group-id {group_id} --manual-request

private-endpoint-connection-id = az network private-endpoint-connection list --id {storage_id} --query “[].id” -o tsv

az network private-endpoint-connection approve --id {private-endpoint-connection-id} --description “Approved”

1reaction

johndownscommented, Feb 17, 2022

@YuanyuanNi I don’t think that’s accurate. If I deploy a storage account with a private endpoint, then I can run

az network private-endpoint-connection list --id storage-account-resource-id

And it successfully returns a list of private endpoint connections for that storage account.

My feedback here is that it should behave the same way when I run the command and provide a Private Link Service resource ID.

(Note that your comment would be correct for other commands, such as az network private-endpoint-connection approve, but not for list.)

Top Results From Across the Web

Diagnose private links configuration issues on Azure Key Vault

Open the Private DNS Zone resource and click the Virtual network links option in the left menu. This will show a list of...

June 2021 – baeke.info

To do so, first list the private endpoint connections of your resource, in my case that is a web app: az network private-endpoint-connection...

Azure Synapse Private Endpoint Approve - Stack Overflow

Terraform Script called to create resource (code snippet 1); Another YAML file executed to approve endpoints using inline Bash (code snippet 2).

azure-cli 2.23.0 - PyPI

az network private -link-resource list : support more providers for –type (#17731). Packaging ... az ssh vm : Support VM SSH with Service...

Azure Private Link :: TigerGraph Cloud

Setting up Private Link on Azure. ... az network private-endpoint \ create -g resource-group \ -n private-endpoint \ --vnet-name <vnet> \ --subnet <subnet> ......