Using Private Endpoint in Azure Storage Account with Terraform

Guillermo Musumeci
6 min read · Aug 31, 2022

In this story, we will learn how to enable Private Endpoint in Azure Storage Accounts with Terraform.

A private endpoint is a special network interface for an Azure service in our VNet (Virtual Network).

Creating a private endpoint for our Azure Storage Account provides secure connectivity between clients on our VNet and our storage.

The Private Endpoint uses a separate private IP address from the VNet address space for each storage account.

The network traffic between the clients on the VNet and the storage account traverses the VNet and a private link on the Microsoft backbone network, eliminating exposure to the public internet.

Source: https://docs.microsoft.com/en-us/azure/storage/common/storage-private-endpoints

1. Creation of an Azure Storage Account with a Private Endpoint

The process to create the Azure Storage Account with Private Endpoint requires several steps in this specific order:

  1. Resource Group Creation
  2. VNET Creation
  3. Subnet Creation
  4. Associate existing Private DNS…
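
As an added illustration (not the author's code), the following Terraform sketch covers the first three listed steps plus the storage account and its private endpoint for the blob service, with public network access turned off. All resource names, the region and the address ranges are constructed placeholders, and the azurerm provider is assumed.

```hcl
# Added example; every name, region and address range below is a constructed placeholder.
provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "rg" {
  name     = "example-storage-rg"
  location = "westeurope"
}

resource "azurerm_virtual_network" "vnet" {
  name                = "example-vnet"
  address_space       = ["10.10.0.0/16"]
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
}

resource "azurerm_subnet" "endpoints" {
  name                 = "example-endpoint-subnet"
  resource_group_name  = azurerm_resource_group.rg.name
  virtual_network_name = azurerm_virtual_network.vnet.name
  address_prefixes     = ["10.10.1.0/24"]
}

resource "azurerm_storage_account" "sa" {
  name                          = "examplestorageacct001" # placeholder; must be globally unique
  resource_group_name           = azurerm_resource_group.rg.name
  location                      = azurerm_resource_group.rg.location
  account_tier                  = "Standard"
  account_replication_type      = "LRS"
  public_network_access_enabled = false # only the private endpoint path remains
}

# The endpoint's network interface takes a private IP from the subnet
# and maps it to the blob service of this one storage account.
resource "azurerm_private_endpoint" "blob" {
  name                = "example-sa-blob-pe"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  subnet_id           = azurerm_subnet.endpoints.id

  private_service_connection {
    name                           = "example-sa-blob-psc"
    private_connection_resource_id = azurerm_storage_account.sa.id
    subresource_names              = ["blob"]
    is_manual_connection           = false
  }
}
```

Clients in the VNet resolve the account's normal hostname to the private IP only once a private DNS zone (privatelink.blob.core.windows.net for the blob service) is linked to the VNet and attached to the endpoint; that DNS step is left out of this sketch.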
