Missing parameter in Azure Portal deployment of an Azure Data Explorer Cluster resource

REZAI Arash 0 Reputation points
2024-11-15T15:18:10.8766667+00:00

I've detected an issue with how the portal is deploying Data Explorer cluster resources. While having the following policy activated: "Public network access on Azure Data Explorer should be disabled - 43bc7be6-5e69-4b0d-a2bb-e815557ca673", you can deploy the resource through code explicitly by setting the "/clusters" parameter to "Disabled". However, in the Portal, despite selecting connectivity method "Private endpoint", you aren't allowed to create the resource due to policy violation. The policy itself looks correct, it is a matter of having that parameter being set in the ARM template of the Portal deployment of that particular resource as well. If you deploy a Data Explorer cluster resource yourselves, ensuring you've selected the connectivity method "Private endpoint", you can navigate to the Networking tab on the left and you'll see that "Public network access" is set to "Enabled from all networks" while it should in fact be set to "Disabled". This case should hence be redirected to whomever is in charge of the templates for Portal resource creation (or maybe a Data Explorer team?).

Azure Data Explorer
Azure Data Explorer
An Azure data analytics service for real-time analysis on large volumes of data streaming from sources including applications, websites, and internet of things devices.
537 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Sander van de Velde | MVP 33,956 Reputation points MVP
    2024-11-15T16:30:52.3966667+00:00

    Hello @REZAI Arash ,

    welcome to this moderated Azure community forum.

    Thanks for sharing your observation.

    It feels to me this is an omission of the Azure portal although the ARM solution is able to work around this issue.

    You can always give feedback in the Azure portal regarding issues:

    User's image

    I notified someone from the product team and asked him for a reaction.

    Thanks again for sharing this.


    If the response helped, do "Accept Answer". If it doesn't work, please let us know the progress. All community members with similar issues will benefit by doing so. Your contribution is highly appreciated.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.