You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: pages/authzed/guides/setting-up-private-networking.mdx
+46Lines changed: 46 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -103,3 +103,49 @@ desc = No schema has been defined; please call WriteSchema to start
103
103
## GCP Steps
104
104
105
105
Coming Soon
106
+
107
+
## Azure Steps
108
+
109
+
<Steps>
110
+
111
+
### Onboarding
112
+
113
+
The customer success team at AuthZed should reach out about Private Networking during onboarding.
114
+
115
+
In the case where there's any miscommunication, please reach out via Slack or [schedule a call](https://authzed.com/call).
116
+
117
+
### Create an Azure Private Endpoint
118
+
119
+
[Azure PrivateLink](https://azure.microsoft.com/en-us/products/private-link) is the core technology involved in this process.
120
+
121
+
Login to the [Azure Portal](https://portal.azure.com/) and go to the private endpoint page.
122
+
Create a new private endpoint and select the following options:
123
+
124
+
| Option | Selection |
125
+
| :-------------------: | :-------------------:|
126
+
| Name | Choose a descriptive name for your private endpoint. |
127
+
| Connection method | Connect to an Azure resource by resource ID or alias. |
128
+
| Alias | Enter the alias provided to you by the AuthZed team. |
129
+
| Subnet | Choose the subnet where your SpiceDB clients will be deployed. |
130
+
| Network Security Group | If you use a NSG, configure it to allow inbound traffic on port 443 from your clients. |
131
+
132
+
### Configure DNS
133
+
134
+
To access the private endpoint, you need to configure DNS resolution.
135
+
This can be done by creating a private DNS zone in Azure.
136
+
137
+
Go to the private DNS zones page in the [Azure Portal](https://portal.azure.com/) and create a new private DNS zone.
138
+
Use the following settings:
139
+
140
+
- Set the name of the private DNS zone using the DNS name of your SpiceDB cluster which is available in the AuthZed Dedicated management dashboard.
141
+
- Create an A record for the root (@) in the private DNS zone that points to the private IP address of your private endpoint which was created earlier.
142
+
143
+
Now we need to link the private DNS zone to the virtual network where the private endpoint is located:
144
+
145
+
- Click on Virtual Network Links and then click **Add**.
146
+
- Name the link and select the virtual network where your private endpoint is located.
147
+
- Enable the option **auto registration** to automatically register DNS records for resources in the virtual network.
148
+
149
+
For more details on configuring Private Endpoints and DNS in Azure, refer to the [Azure documentation](https://learn.microsoft.com/en-us/azure/dns/private-dns-getstarted-portal).
0 commit comments