
Document enhancement request for private endpoint dns zone

Open rachelxj-ms opened this issue 2 years ago • 4 comments

Customers may want to add a private DNS zone to their private DNS server. According to this ticket: https://github.com/MicrosoftDocs/azure-docs/issues/91695, the default hostname could be a subdomain (i.e. ‘1.azurestaticapps.net’, ‘2.azurestaticapps.net’). I suggest we explain more details in the document. Thanks.

Every Static Web App will have a default hostname that ends with some DNS suffix. For some apps that will be ‘azurestaticapps.net’, for others it could be a subdomain (i.e. ‘1.azurestaticapps.net’, ‘2.azurestaticapps.net’). This is by design and allows the platform to be more resilient to DNS outages.

For private endpoints to work, you need to have an intermediate CNAME of .privatelink.. As a result, if you have a default hostname for your SWA that ends with ‘1.azurestaticapps.net’ then the private endpoint DNS zone should be ‘privatelink.1.azurestaticapps.net’. This ‘1’ is not specific to private endpoints but just a result of the default hostname having it.

The default hostname and subdomain of your Static Web App are decided at create time and will remain constant until the app is deleted.



rachelxj-ms avatar Jun 06 '22 08:06 rachelxj-ms
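An added example, not part of the original issue or of any Azure tooling: deriving the private DNS zone from each app's default hostname, following the rule quoted in the post above, and grouping apps by the zone that has to exist. The hostnames are constructed samples, and the suffix label is assumed to be purely numeric, as in the issue's own examples ('1', '2').

```python
import re
from collections import defaultdict

# Suffix forms described in the issue: "azurestaticapps.net" or "<n>.azurestaticapps.net".
# Assumption: the label in front of the base domain is numeric ('1', '2', ...).
# The leading (?:^|\.) anchors on a label boundary so "evil-azurestaticapps.net"
# is not mistaken for a Static Web Apps hostname.
_SUFFIX_RE = re.compile(r"(?:^|\.)((?:\d+\.)?azurestaticapps\.net)$")


def _normalize(hostname: str) -> str:
    """Lower-case the name and drop whitespace and a trailing root dot."""
    return hostname.strip().lower().rstrip(".")


def private_dns_zone(default_hostname: str) -> str:
    """Return the private DNS zone for a Static Web App default hostname."""
    host = _normalize(default_hostname)
    match = _SUFFIX_RE.search(host)
    # Reject foreign domains and the bare suffix with no app label in front of it.
    if match is None or host == match.group(1):
        raise ValueError(f"not a Static Web Apps default hostname: {default_hostname!r}")
    return "privatelink." + match.group(1)


def zones_to_create(hostnames):
    """Map each required private DNS zone to the apps that depend on it."""
    zones = defaultdict(list)
    for name in hostnames:
        zones[private_dns_zone(name)].append(_normalize(name))
    return {zone: sorted(apps) for zone, apps in sorted(zones.items())}


# Constructed sample hostnames (hypothetical apps, not taken from the issue).
SAMPLE_HOSTNAMES = [
    "calm-hill-0e5f6a7b8.azurestaticapps.net",
    "happy-sea-0a1b2c3d4.1.azurestaticapps.net",
    "Brave-Rock-0c9d8e7f6.2.azurestaticapps.net.",
    "quiet-bay-01234abcd.1.azurestaticapps.net",
]

if __name__ == "__main__":
    for zone, apps in zones_to_create(SAMPLE_HOSTNAMES).items():
        print(f"{zone}: {', '.join(apps)}")
```

Because the issue states that the default hostname is fixed at create time, the zone for an existing app can be computed once from its hostname and does not need to be re-derived later.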

@rachelxj-ms Thanks for your feedback.

Assigning to content author @burkeholland for review.

SwathiDhanwada-MSFT avatar Jun 06 '22 10:06 SwathiDhanwada-MSFT

Hi,

do we have an update on this or any more specific information in regards to potential subdomains? I guess it would be enough for customers if they'd at least know which privatelink DNS zones they need to create. Cheers, Andre

anwojcie avatar Oct 19 '22 06:10 anwojcie

This is causing some confusion here as well.

  1. Can n be 1,2,... up to what? in privatelink.{n}.azurestaticapps.net?
     • This would help to know which private DNS zones to create
  2. Does anybody know if there is a policy that can account for this variance over PEs that are linked to staticSites (groupId: staticSites, privateLinkServiceId contains Microsoft.web/staticSites)?
     • If I am to follow https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/private-link-and-dns-integration-at-scale to implement automatic registration of private endpoints into centrally managed private DNS zones, the policy needs to know which private DNS zone to register to...

matsest avatar Nov 08 '22 09:11 matsest

Related:

  • https://github.com/Azure/Enterprise-Scale/issues/1073
  • https://github.com/Azure/terraform-azurerm-caf-enterprise-scale/issues/482
  • https://github.com/Azure/ALZ-Bicep/issues/330

matsest avatar Nov 11 '22 11:11 matsest

Thanks for your feedback and your contribution to Azure docs.

Feedback for this repository is moving away from GitHub to a system specific to the Microsoft Learn platform. Issues for this repository will soon be disabled, and additional comments from GitHub will no longer be possible. However, we are now tracking and triaging this issue in the new feedback system.

To learn more about our feedback systems, please see Provide feedback for Microsoft Learn content.

#please-close

craigshoemaker avatar Jul 20 '24 03:07 craigshoemaker