Azure Data Explorer and subnet delegation

Posted by

This post has been republished via RSS; it originally appeared at: Azure Data Explorer articles.

Subnet delegation enables you to designate a specific subnet for an Azure PaaS service of your choice that needs to be injected into your virtual network. When you delegate a subnet to Azure Data Explorer, you allow the service to establish some basic network configuration rules for that subnet, which help ADX to operate in a stable manner.




As a result, ADX adds a set of Network Intent Policies policies which are required for the service to work properly. In the past you had to create all of those Input and Output Network Security Group rules yourself and everytime we had to change some of the IPs you had to change some of them. 






Since beginning of June 2021 we are enforcing subnet delegation on the subnet you like to use for ADX. However we are aware of scenarios where customers need to opt-out because of certain requirements (Custom Private Link in the same subnet or company policies in general). For those situations we allow our customer to opt-out using the "preview features" configuration in the Azure portal. If you register for "Azure Data Explorer: opt out of subnet delegation" your ADX service deployments will not enforce subnet delegation to be enabled. 





This articles are republished, there may be more discussion at the original link. But if you found this helpful, you're more than welcome to let us know!

This site uses Akismet to reduce spam. Learn how your comment data is processed.