Azure Data Explorer (ADX) is a fast and scalable data analytics service that enables you to explore and analyze large volumes of diverse data. ADX supports different network security models to protect your data and control the access to your cluster. One of these models is Virtual Network (VNet) injection, which allows you to deploy your ADX cluster inside your own VNet and apply network policies and rules.
However, VNet injection has some limitations and drawbacks, such as increased complexity, reduced scalability, and dependency on public IP addresses. Therefore, we recommend that you migrate your VNet injected ADX cluster to a new network security model based on Azure Private Endpoints. Private endpoints enable you to connect to your ADX cluster using a private IP address within your VNet, without the need for public IP addresses.
We are excited to announce that we have released a preview feature that allows you to migrate your VNet injected ADX cluster to Private Endpoints with minimal downtime and disruption. The migration process is simple and can be done using the Azure portal, the ARM template, or any code which uses the ADX SDK.
To learn more about the migration process, the prerequisites, and the steps to follow, please read our detailed documentation article: Migrate Virtual Network injected Azure Data Explorer cluster
We appreciate your feedback and suggestions on this preview feature.