0

I have disabled the public connection for my azure postgresql database and created the private endpoint connection, I pointed my relevant vnet and subnet while private endpoint creation. Private endpoint connection configuration for successful and it is inapproved status. But I could not able to connect my database vi pgadmin using dns name. I'm getting the following error.

The public network access on this server is disabled. To connect to this server, use the Private Endpoint from inside your virtual network. FATAL:

But same is working with private ip of private endpoint.

I'm assume its because of dns configuration issue. I checked my private dns zone too. I'm able see the relevant record for my private ip in dns zone. I'm not sure what I'm missing.

Additional Clarification

  1. Shall we configure multiple private endpoint for same resource(Postgresql) to multiple vnets?

  2. Latest private endpoint ip overriding the previous endpoint ip in private dns zone? It's throwing dns resolvable issues. Is that expected way ?

Anyone please advise me on this?

Reference:

https://learn.microsoft.com/en-us/azure/private-link/troubleshoot-private-endpoint-connectivity

https://learn.microsoft.com/en-us/azure/postgresql/concepts-data-access-and-security-private-link#use-cases-of-private-link-for-azure-database-for-postgresql

Debugger
  • 690
  • 1
  • 18
  • 41

1 Answers1

0

The public network access on this server is disabled. To connect to this server, use the Private Endpoint from inside your virtual network. FATAL:

The above error indicates that the Deny Public Network Access configuration on the database server is set to Yes

So, you would be able to access using private endpoint.

If you are able to access via the private IP but not with private endpoint, this suggests that you have enabled multiple private endpoints for the same Postgres server.

Shall we configure multiple private endpoints for same resource (PostgreSQL) to multiple VNETs?

You do not need to configure multiple private endpoints for same resource.

You can use the single private endpoint. To connect to other VNETs, you can do VNET peering between the VNETs. So, you would be able to access the Postgres server from other VNETs through the private endpoint.

Latest private endpoint IP overriding the previous endpoint IP in private DNS zone? It's throwing DNS resolvable issues. Is that expected way?

As you are using multiple private endpoints for the same resource, this might be the reason for throwing DNS resolvable issues.

So, you can use single private endpoint for your PostgreSQL. You would be able to access using both private endpoint and private IP address

RamaraoAdapa
  • 2,837
  • 2
  • 5
  • 11