Azure / Enterprise-Scale

The Azure Landing Zones (Enterprise-Scale) architecture provides prescriptive guidance coupled with Azure best practices, and it follows design principles across the critical design areas for organizations to define their Azure architecture.
https://aka.ms/alz
MIT License

Policy Deploy-Private-DNS-Zones missing notebooks for azure machine learning workspace #1482

Open steph409 opened 9 months ago

steph409 commented 9 months ago

The initiative Deploy-Private-DNS-Zones is missing the DNS entry for privatelink.notebooks.azure.net.

The machine learning workspace, as per documentation, needs entries in two private DNS zones, privatelink.api.azureml.ms and privatelink.notebooks.azure.net.

Currently, the initiative Deploy-Private-DNS-Zones uses a built-in policy that only takes care of the first one. I was not able to find a built-in policy that would do the trick.

When I deployed the private Machine learning workspace, while connecting, I got the following error message:

[Screenshot: ml_demo_error]

When I manually add the private DNS zone configuration for notebooks, it disappears and connection works as expected.

It would be great if this would be done automatically by the initiative as well.

jtracey93 commented 9 months ago

Thanks @steph409 for the issue report. @Springstone can we investigate 👍

Springstone commented 9 months ago

We have a related issue #1486, we'll group these together to address the issue for both. It's on the backlog and we'll resolve as soon as possible. AB#32352

Springstone commented 8 months ago

@rozkurt please investigate.

Springstone commented 4 months ago

As there is no built-in policy for Notebooks, we'll test this with a new custom policy we'll be introducing for generic Private DNS Zones, and validate that it works.

haflidif commented 4 months ago

> As there is no built-in policy for Notebooks, we'll test this with a new custom policy we'll be introducing for generic Private DNS Zones, and validate that it works.

@Springstone Any ETA on that Custom Policy?

haflidif commented 4 months ago

> As there is no built-in policy for Notebooks, we'll test this with a new custom policy we'll be introducing for generic Private DNS Zones, and validate that it works.

@Springstone Any ETA on that Custom Policy?

Am I looking at it in the wrong way, or isn't this policy here https://www.azadvertizer.net/azpolicyadvertizer/ee40564d-486e-4f68-a5ca-7a621edae0fb.html Version 1.1.0 already supporting two PrivateDNSZoneGroupIDs?