AMPLS Private Endpoint connected to Hub VNET #738
Labels
bug
Something isn't working
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
The Azure Monitor Private Link Scope gets created in the Hub tier.
The Log Analytics Workspace is in the Operations tier. It would make sense for the AMPLS and its Private Endpoint to be in the Operations tier and attached to the Operations VNET.
Besides, when using a small prefix for the hub subnet in the hub VNET, such as /28, which is not that uncommon for our customers using limited NIPR or SIPR IP space, the AMPLS Private Endpoint ends up using most available IP addresses in the hub subnet. Meanwhile the operations VNET sits empty.
Steps to Reproduce
Steps to reproduce the behavior:
Expected behavior
The Log Analytics Workspace is in the Operations Resource Group. The Azure Monitor Private Links Scope is in the Operations Resource Group and its Private Endpoint is attached to the Operations VNET.
Actual behavior
The Log Analytics Workspace is in the Operations Resource Group. The Azure Monitor Private Links Scope is in the Hub Resource Group and its Private Endpoint is attached to the Hub VNET.
Screenshots
Additional context
Operating System: Windows 11
Terraform Version: Bicep
Cloud (public, Azure Government, etc.): Both public and Azure US Gov
The text was updated successfully, but these errors were encountered: