Azure Private Link is a technology designed to provide private connectivity to selected PaaS services, customer-owned, and partner-offered services.
Azure Private Link enables you to access Azure PaaS Services (for example, Azure Storage and SQL Database) and Azure-hosted customer-owned/partner services over a private endpoint in your virtual network.
Traffic between your virtual network and the service travels the Microsoft backbone network. Exposing your service to the public internet is no longer necessary. You can create your own private link service in your virtual network and deliver it to your customers. Setup and consumption using Azure Private Link is consistent across Azure PaaS, customer-owned, and shared partner services.
There are two key components of Azure Private Link:
Private Link has the following benefits
Azure Private Link enables you to access Azure PaaS Services and Azure hosted customer/partner services over a Private Endpoint in your virtual network.
Traffic between your virtual network and the service traverses over the Microsoft backbone network, eliminating exposure from the public Internet.
You can also create your own Private Link Service in your virtual network (VNet) and deliver it privately to your customers.
Clients can connect to the private endpoint from the same VNet, peered VNet in same region or across regions, or via VNet-to-VNet connection across regions. Additionally, clients can connect from on-premises using ExpressRoute, private peering, or VPN tunneling. Below is a simplified diagram showing the common use cases.
Here are some additional resources regarding Azure Private Link