Azure Private Link provides a way to be able to access resources sitting behind an Azure Load Balancer (such as Virtual Machines) to be accessed by other Azure services using Private Endpoints from their own VNets. It’s basically a way to access resources that do not directly support Private Link to be able to. The Private Link Service will get an alias assigned to it that is basically a DNS Name that can be used to access the Load Balancer sitting behind it.

Using the Azure CLI, you can retrieve the value for the Private Link Services Alias (aka DNS Name) by using the az network private-link-service show command and the help of the --query parameter to retrieve just the alias value for the requested Azure Private Link Service.

Here’s a simple Azure CLI command for retrieving the Private Link Service Alias:

privateLinkServiceAlias=$(az network private-link-service show --resource-group <resource-group-name> --name <private-link-service-name> -o tsv --query alias)

Be sure to replace the <resource-group-name> and <private-link-service-name> placeholders above with the Resource Group and Private Link Service name you need to retrieve the Alias value for.

A time where this was extremely useful for me what when I needed to configure Azure Synapse’s Managed Private Endpoint feature to be able to connect to an on-premise Virtual Machine using Private Link by connecting a Private Link Service. When configuring Private Link Service on Azure Synapse’s Managed Private Endpoint feature, you need to configure the Private Link Service Alias as the DNS name the Managed Private Endpoint is used to resolve. I needed to use the above command to write a script that ran in Azure DevOps to configure the environment in an automated fashion as part of my job duties as the SRE on the team. This is just a little context of where I found this command extremely useful. Perhaps I’ll write more about configuring Azure Synapse’s Managed Private Endpoint features in the future. Until then…

Happy scripting!