Skills
skills/microsoftdocs/agent-skills/azure-private-link

azure-private-link

Installation
SKILL.md

Azure Private Link Skill

This skill provides expert guidance for Azure Private Link. Covers best practices, decision making, architecture & design patterns, limits & quotas, security, and configuration. It combines local quick-reference content with remote documentation fetching capabilities.

How to Use This Skill

IMPORTANT for Agent: Use the Category Index below to locate relevant sections. For categories with line ranges (e.g., L35-L120), use read_file with the specified lines. For categories with file links (e.g., [security.md](security.md)), use read_file on the linked reference file

IMPORTANT for Agent: If metadata.generated_at is more than 3 months old, suggest the user pull the latest version from the repository. If mcp_microsoftdocs tools are not available, suggest the user install it: Installation Guide

This skill requires network access to fetch documentation content:

  • Preferred: Use mcp_microsoftdocs:microsoft_docs_fetch with query string from=learn-agent-skill. Returns Markdown.
  • Fallback: Use fetch_webpage with query string from=learn-agent-skill&accept=text/markdown. Returns Markdown.

Category Index

Category Lines Description
Best Practices L34-L38 DNS design and configuration guidance for private endpoints, including zone setup, name resolution patterns, split-horizon DNS, and avoiding common DNS misconfigurations with Private Link
Decision Making L39-L44 Guidance on planning/migrating to Network Security Perimeter and designing Azure Private Link architectures optimized for security, segmentation, and cost.
Architecture & Design Patterns L45-L49 Designing DNS architectures for Private Endpoints using Azure Private Resolver, including name resolution patterns, forwarding rules, and integration with on-premises or hybrid networks
Limits & Quotas L50-L55 Info on Private Link service availability per resource type and how to raise per‑VNet Private Endpoint limits using High Scale configuration
Security L56-L62 RBAC setup for Private Link/Endpoint and Network Security Perimeter operations, plus inspecting and controlling Private Endpoint traffic with Azure Firewall.
Configuration L63-L74 Configuring Private Link/endpoint behavior: subnet and service policies, DNS names, SNAT bypass, NSPs, diagnostics, monitoring data, and endpoint property management.

Best Practices

Topic URL
Apply DNS integration best practices for Azure Private Endpoints https://learn.microsoft.com/en-us/azure/private-link/private-endpoint-dns-integration

Decision Making

Topic URL
Plan and transition Azure resources to Network Security Perimeter https://learn.microsoft.com/en-us/azure/private-link/network-security-perimeter-transition
Optimize Azure Private Link design for cost and security https://learn.microsoft.com/en-us/azure/private-link/private-link-cost-optimization

Architecture & Design Patterns

Topic URL
Design DNS infrastructure for Private Endpoints with Azure Private Resolver https://learn.microsoft.com/en-us/azure/private-link/tutorial-dns-on-premises-private-resolver

Limits & Quotas

Topic URL
Check Azure Private Link service availability by resource https://learn.microsoft.com/en-us/azure/private-link/availability
Increase Azure Private Endpoint per‑VNet limits with High Scale https://learn.microsoft.com/en-us/azure/private-link/increase-private-endpoint-vnet-limits

Security

Topic URL
Configure RBAC permissions for Azure Network Security Perimeter operations https://learn.microsoft.com/en-us/azure/private-link/network-security-perimeter-role-based-access-control-requirements
Assign Azure RBAC roles for Private Endpoint and Private Link deployment https://learn.microsoft.com/en-us/azure/private-link/rbac-permissions
Inspect and control Private Endpoint traffic using Azure Firewall https://learn.microsoft.com/en-us/azure/private-link/tutorial-inspect-traffic-azure-firewall

Configuration

Topic URL
Configure Private Link service Direct Connect destinations https://learn.microsoft.com/en-us/azure/private-link/configure-private-link-service-direct-connect
Create and manage network security perimeters with Azure CLI https://learn.microsoft.com/en-us/azure/private-link/create-network-security-perimeter-cli
Configure subnet network policies for private endpoints https://learn.microsoft.com/en-us/azure/private-link/disable-private-endpoint-network-policy
Configure privateLinkServiceNetworkPolicies for Private Link https://learn.microsoft.com/en-us/azure/private-link/disable-private-link-service-network-policy
Configure and manage Azure Private Endpoint properties https://learn.microsoft.com/en-us/azure/private-link/manage-private-endpoint
Reference for Azure Private Link monitoring data https://learn.microsoft.com/en-us/azure/private-link/monitor-private-link-reference
Enable and store Network Security Perimeter diagnostic logs https://learn.microsoft.com/en-us/azure/private-link/network-security-perimeter-diagnostic-logs
Configure private DNS zone names for Azure Private Endpoints https://learn.microsoft.com/en-us/azure/private-link/private-endpoint-dns
Configure SNAT bypass tags for Private Endpoint traffic via NVA https://learn.microsoft.com/en-us/azure/private-link/private-link-disable-snat
Weekly Installs
28
Repository
microsoftdocs/a…t-skills
GitHub Stars
496
First Seen
Mar 10, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykWarn
Installed on
opencode26
codex26
gemini-cli25
github-copilot24
antigravity23
amp23