The intent of this article is to explain how we widely deployed Azure Private Link on PaaS services and how we tackled the DNS part of this technology, both for on-premises and Azure machines/workstations.
Azure Private Link
Azure Private Link [https://docs.microsoft.com/en-US/azure/private-link/private-link-overview] is
Context
The Azure implementation at Michelin follows Microsoft recommendations: we have several virtual Data Centers (vDC) in different regions connected to our "on-premises" network through ExpressRoute. In terms of network topology, we leverage the traditional hub and spoke model: The vast majority of the workload are Virtual Machines
Within Michelin, we have connections from several geographic points to Azure regions, through ExpressRoute circuits. An important requirement from our Network and Security teams is the capability to inspect and analyze the network traffic between all our assets. We already had visibility of network traffic between "on-premises"