Private DNS Zone of Azure Static WebApp #102010
Comments
@arindam0310018 Thanks for the feedback! We are currently investigating and will update you shortly.
Your feedback has been shared with the content owner for further review, and update the doc as appropriate.
Hello @AjayKumar-MSFT Many Thanks
@burkeholland, Requesting your review and comments on this. Thanks!
Hello @AjayKumar-MSFT and @burkeholland Many Thanks
Hello @AjayKumar-MSFT and @burkeholland Request for an update. Many Thanks
Hello @AjayKumar-MSFT and @burkeholland Request for an update please... Many Thanks
Hi @arindam0310018, regarding your question of the partition Id, Azure Static Web Apps has different partitions in order to support the amount of Static Web Apps that we host. Your Azure Static Web Apps default hostname will have that partition id in its url. The private endpoint and the private DNS zone must match this url, which is why the DNS zone privatelink.{partitionId}.azurestaticapps.net is added. Hope this answers your question.
Hello @thomasgauvin I had a 2-part question (Request you to refer above):- Point 1: The details which you mentioned in your reply are missing in the MS documentation - https://learn.microsoft.com/en-us/azure/static-web-apps/private-endpoint. Point 2: It is completed. The Screenshot has been updated. Thank you for making it happen. @burkeholland and @AjayKumar-MSFT Many Thanks
Hello @AjayKumar-MSFT and @burkeholland May I ask for an update please on Point 1 (Please refer to the above comment for details) Many Thanks
Hello @AjayKumar-MSFT and @burkeholland May I ask for an update please on Point 1 (Please refer to the above comment for details). Many Thanks
Hello @AjayKumar-MSFT and @burkeholland May I ask for an update please on Point 1 (Please refer to the above comment for details). I will close this issue as soon as Point 1 is clarified. Many Thanks
arindam0310018, Apologies for the delay and any inconvenience with this! I had been discussing on this internally, it's been author (@burkeholland) for a review. We appreciate your patience!
If I may add - the way this is implemented really makes hub and spoke DNS at scale difficult: It seems like we will need to pre-create centralized DNS zones for all DNS partition IDs; and find a way for the DeployIfNotExists policy to determine which partition ID to put the record in. Today, the Static WebApp is exposing a groupId of "staticSites" regardless of the DNS partition ID, so for the DeployIfNotExists policy to determine which PrivateDNSZone to link to the private endpoint is a bit challenging.
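Added example, not part of the thread and not Microsoft's code: a sketch that derives the private DNS zone described in @thomasgauvin's reply from a Static Web App's default hostname, and lists which zones a central hub would need for a set of apps, the pre-creation problem raised in @rybal06's comment. Assumptions: the partition ID is a numeric label directly before `azurestaticapps.net`, the remaining labels form the record name inside the zone, and all hostnames are constructed.

```python
from collections import defaultdict

SUFFIX = "azurestaticapps.net"


def private_zone_for(hostname):
    """Return (private_dns_zone, record_name) for a default hostname.

    Assumption: a numeric label directly before the suffix is the partition
    ID, and the remaining labels form the record name inside the zone.
    """
    host = hostname.strip().lower().rstrip(".")
    if not host.endswith("." + SUFFIX):
        raise ValueError(f"not a Static Web Apps default hostname: {hostname!r}")
    labels = host[: -len(SUFFIX) - 1].split(".")
    # Reject empty labels and names that are already privatelink names.
    if "" in labels or "privatelink" in labels:
        raise ValueError(f"unexpected hostname shape: {hostname!r}")
    if len(labels) >= 2 and labels[-1].isdigit():
        zone = f"privatelink.{labels[-1]}.{SUFFIX}"
        record = ".".join(labels[:-1])
    else:
        # No partition label: fall back to the unpartitioned zone name
        # quoted in the issue body (privatelink.azurestaticapps.net).
        zone = f"privatelink.{SUFFIX}"
        record = ".".join(labels)
    return zone, record


def zones_to_precreate(hostnames):
    """Group record names by the private DNS zone a central hub would need."""
    zones = defaultdict(list)
    for hostname in hostnames:
        zone, record = private_zone_for(hostname)
        zones[zone].append(record)
    return {zone: sorted(records) for zone, records in sorted(zones.items())}


# Constructed sample hostnames (not real apps).
SAMPLE = [
    "gentle-sea-0a1b2c3d4.1.azurestaticapps.net",
    "calm-hill-0f9e8d7c6.2.azurestaticapps.net",
    "brave-rock-011223344.2.azurestaticapps.net",
    "old-app-0123.azurestaticapps.net",
]

if __name__ == "__main__":
    for zone, records in zones_to_precreate(SAMPLE).items():
        print(zone, records)
```
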
Hello @rybal06, Hello @AjayKumar-MSFT and @burkeholland Many Thanks
Hello @AjayKumar-MSFT and @burkeholland Many Thanks
Hello @AjayKumar-MSFT and @burkeholland I see below which is very helpful for automating the Azure Static Webapp and Private DNS Zone. One Last update from my side -
Refer to the below screenshots - With this information, I close the issue. When @AjayKumar-MSFT @burkeholland find time, please update with more relevant information. I also Thank @rybal06 for his valuable inputs. Many Thanks
arindam0310018, Thanks for all the updates and your feedback to improve Azure doc. Your feedback has been shared with the content owner (@burkeholland) for a review, and update the doc as appropriate.
Thanks. I also had worked with the Azure Policy team on this issue. It turns out implementing https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/private-link-and-dns-integration-at-scale for static web apps is not possible using an Azure Policy based approach due to how DNS is implemented by the static web apps team with DNS partitions today. I was not able to find a scalable workaround myself either. It might be good to add a note to this in the documentation for other customers that the recommended CAF approach is not compatible with Static Web Apps today.
Hello Team,
While Configuring Private Endpoint of Azure Static WebApp, below Private DNS Zone gets created -
where 1 or 2 = DNS Partition ID
This completely depends upon Use Case.
I had 2 Use cases in 2 Different Subscriptions. On the 1st Use Case, both Private Endpoint DNS got created. In the 2nd Use Case only "privatelink.2.azurestaticapps.net" private DNS Zone got created.
Now coming to my question:-
These DNS Partition ID details are only mentioned in the Provided link - https://learn.microsoft.com/en-us/azure/private-link/private-endpoint-dns. No Details are mentioned anywhere in the documentation to understand as to why Azure Static WebApp Private endpoint DNS have such structure - privatelink.{partitionId}.azurestaticapps.net. It would be great if you include it in the documentation.
In the Current Documentation - https://learn.microsoft.com/en-us/azure/static-web-apps/private-endpoint, the Screenshot states the DNS Name as "privatelink.azurestaticapps.net". Refer below -
It should be replaced by "privatelink.1.azurestaticapps.net" and/or "privatelink.2.azurestaticapps.net" -
Please let me know.
Many Thanks
Regards, Arindam Mitra