vpn - Is it possible to add a Private IP-adress to the Azure Analysis Services?

Question

We were trying to get rid of all our IP whitelisting and avoid using it as much as possible. The main 2 reasons for this were to make everything more secure and also simplify it. Instead of asking for the clients IP-address (that would change over time) and modifying it all the time we wanted use a P2S VPN to avoid whitelisting. And deciding with the AAD VPN who could use the VPN and who couldn’t was also a nice way to give people permission to make use of the P2S VPN.

We successfully added a Private Endpoint to the SQL Server were users can connect to the SQL Server while using SSMS trough the P2S VPN. But the options seems to be not available for the Azure Analysis Services. Is there another a way to give the AAS a private IP-address or a workaround to avoid whitelisting as much as possible?

Answer 1

I’ve talked about this with a AAS Support Engineer, I got told that currently in 2020 either to add the Azure Analysis Services to a VNET so the P2S VPN can connect to it or connecting the Azure Analysis Services to a Private Endpoint isn’t possible. I understood that there is no other option than whitelisting the clients in the AAS Firewall.

Hopefully this answer helps someone in a similar situation.