DOC-1168 Private Link for Azure in UI (#301)

micheleRP · web-flow · commit c8150395e509 · 2025-07-17T13:23:46.000-06:00
* DOC-1168 Private Link for Azure in UI

# Conflicts:
#	modules/get-started/pages/whats-new-cloud.adoc

* coderabbit suggestions

* rename file to include azure for better search

* remove LA from Azure Private Link

* update What's New

* remove section to enable on existing cluster

* edits from UI fix

* incorporate review feedback

* left-align screenshot in Access section
diff --git a/modules/ROOT/nav.adoc b/modules/ROOT/nav.adoc
@@ -33,6 +33,7 @@
 **** xref:networking:aws-privatelink.adoc[Configure PrivateLink with the Cloud API]
 **** xref:networking:byoc/aws/transit-gateway.adoc[Add a Transit Gateway]
 *** xref:networking:byoc/azure/index.adoc[Azure]
+**** xref:networking:azure-private-link-in-ui.adoc[]
 **** xref:networking:azure-private-link.adoc[]
 *** xref:networking:byoc/gcp/index.adoc[GCP]
 **** xref:networking:byoc/gcp/vpc-peering-gcp.adoc[Add a Peering Connection]
@@ -44,6 +45,7 @@
 **** xref:networking:configure-privatelink-in-cloud-ui.adoc[Configure PrivateLink in the Cloud UI]
 **** xref:networking:aws-privatelink.adoc[]
 *** xref:networking:dedicated/azure/index.adoc[Azure]
+**** xref:networking:azure-private-link-in-ui.adoc[]
 **** xref:networking:azure-private-link.adoc[]
 *** xref:networking:dedicated/gcp/index.adoc[GCP]
 **** xref:networking:dedicated/gcp/vpc-peering-gcp.adoc[Add a Peering Connection]
diff --git a/modules/get-started/pages/cloud-overview.adoc b/modules/get-started/pages/cloud-overview.adoc
@@ -266,7 +266,6 @@ The following features are currently in limited availability in Redpanda Cloud:
 * Serverless
 * Dedicated and BYOC for Azure
 * BYOVPC for GCP
-* Azure Private Link
 
 == Features in beta
 
diff --git a/modules/get-started/pages/whats-new-cloud.adoc b/modules/get-started/pages/whats-new-cloud.adoc
@@ -9,17 +9,21 @@ This page lists new features added to Redpanda Cloud.
 
 == July 2025
 
+=== Azure Private Link in the UI: GA
+
+You can now xref:networking:azure-private-link-in-ui.adoc[configure Azure Private Link] for a new BYOC or Dedicated cluster using the Cloud UI. The Azure Private Link service is generally available (GA) in both the Cloud UI and the Cloud API. 
+
 === Redpanda Connect in Redpanda Cloud: GA
 
 xref:develop:connect/about.adoc[Redpanda Connect] is now generally available (GA) in all Redpanda Cloud clusters: BYOC (including BYOVPC/BYOVNet), Dedicated, and Serverless. 
 
 === Redpanda Connect updates
 
-The latest release of Redpanda Connect includes the following updates for Redpanda Cloud:         
+Redpanda Connect includes the following updates for Redpanda Cloud:         
 
-* The xref:develop:connect/components/inputs/gcp_spanner_cdc.adoc[GCP Spanner CDC] component lets you capture changes from Google Cloud Spanner and stream them into Redpanda. You can use the GCP Spanner CDC input component to ingest data from GCP Spanner databases, enabling real-time data processing and analytics.
-* The xref:develop:connect/components/outputs/slack_reaction.adoc[Slack Reaction] component lets you send messages to a Slack channel in response to events in Redpanda. You can use the Slack Reaction output component to create alerts, notifications, or other automated responses based on data changes in Redpanda. 
-* The xref:develop:connect/components/caches/redpanda.adoc[Redpanda Cache] component lets you cache data in Redpanda, improving performance and reducing latency for data access. You can use the Redpanda cache component to store frequently accessed data, such as configuration settings or user profiles, in Redpanda. 
+* The xref:develop:connect/components/inputs/gcp_spanner_cdc.adoc[GCP Spanner CDC] component lets you capture changes from Google Cloud Spanner and stream them into Redpanda. You can use it to ingest data from GCP Spanner databases, enabling real-time data processing and analytics.
+* The xref:develop:connect/components/outputs/slack_reaction.adoc[Slack Reaction] component lets you send messages to a Slack channel in response to events in Redpanda. You can use it to create alerts, notifications, or other automated responses based on data changes in Redpanda. 
+* The xref:develop:connect/components/caches/redpanda.adoc[Redpanda Cache] component lets you cache data in Redpanda, improving performance and reducing latency for data access. You can use it to store frequently accessed data, such as configuration settings or user profiles, in Redpanda. 
 
 For more detailed information about recent component updates, see xref:redpanda-connect:ROOT:whats_new_rpcn.adoc[What's New in Redpanda Connect].
 
diff --git a/modules/networking/pages/aws-privatelink.adoc b/modules/networking/pages/aws-privatelink.adoc
@@ -1,5 +1,5 @@
 = Configure AWS PrivateLink with the Cloud API
-:description: Set up AWS PrivateLink to securely access Redpanda Cloud.
+:description: Set up AWS PrivateLink with the Cloud API.
 :page-aliases: deploy:deployment-option/cloud/aws-privatelink.adoc
 
 
diff --git a/modules/networking/pages/azure-private-link-in-ui.adoc b/modules/networking/pages/azure-private-link-in-ui.adoc
@@ -0,0 +1,42 @@
+= Configure Azure Private Link in the Cloud UI
+:description: Set up Azure Private Link in the Redpanda Cloud UI.
+
+NOTE: This guide is for configuring new clusters with Azure Private Link using the Redpanda Cloud UI. To configure and manage Private Link on an existing cluster, you must use the xref:networking:azure-private-link.adoc[Cloud API].
+
+The Redpanda Azure Private Link service provides secure access to Redpanda Cloud from your own VNet. Traffic over Private Link does not go through the public internet because these connections are treated as their own private Azure service. While your VNet has access to the Redpanda virtual network, Redpanda cannot access your VNet.
+
+Consider using the endpoint service if you have multiple VNets and could benefit from a more simplified approach to network management:
+
+* Azure Private Link allows overlapping xref:networking:cidr-ranges.adoc[CIDR ranges].
+* You control which Azure subscriptions are allowed to connect to the endpoint service.
+
+== Requirements
+
+* Your Redpanda cluster and VNet must be in the same region.
+* Use the https://learn.microsoft.com/en-us/cli/azure/get-started-with-azure-cli?view=azure-cli-latest[Azure command-line interface (CLI)^] to create a new client VNet or modify an existing one to use the Private Link endpoint.
+
+TIP: In Kafka clients, set `connections.max.idle.ms` to a value less than 350 seconds. 
+
+== Enable endpoint service for new clusters
+
+. In the Redpanda Cloud UI, create a new cluster.
+. On the *Networking* page:
+.. For *Connection type*, select *Private*.
+.. For *Azure Private Link*, select *Enabled*.
+.. For *Allowed subscriptions*, click *Add subscription*, and enter the Azure subscription ID that can access the cluster. You can add multiple subscriptions.
+
+
+== Access Redpanda services through VNet endpoint
+
+To access Redpanda services, follow the steps on the cluster's *Overview* page. In the *How to connect* section, click *Private Link*. 
+
+image::shared:private-link-tab.png[Private Link tab in Overview page,align="left"]
+
+include::networking:partial$private-links-access-rp-services-through-vpc.adoc[]
+
+== Test the connection
+
+You can test the connection to the endpoint service from any VM or container in the consumer VNet. If configuring a client isn't possible right away, you can do these checks using `rpk` or cURL:
+
+include::networking:partial$private-links-test-connection.adoc[]
+
diff --git a/modules/networking/pages/azure-private-link.adoc b/modules/networking/pages/azure-private-link.adoc
@@ -1,7 +1,7 @@
 = Configure Azure Private Link with the Cloud API
-:description: Learn how to configure private networking for clusters on Azure.
+:description: Set up Azure Private Link with the Cloud API.
 
-include::shared:partial$feature-flag.adoc[]
+NOTE: For UI-based configuration of Azure Private Link, see xref:networking:azure-private-link-in-ui.adoc[Configure Azure Private Link in the Cloud UI].
 
 The Redpanda Azure Private Link service provides secure access to Redpanda Cloud from your own virtual network. Traffic over Azure Private Link does not go through the public internet, but instead through Microsoft's backbone network. While clients can initiate connections against the Redpanda Cloud cluster endpoints, Redpanda Cloud services cannot access your virtual networks directly.
 
diff --git a/modules/networking/pages/byoc/index.adoc b/modules/networking/pages/byoc/index.adoc
@@ -1,3 +1,3 @@
 = Networking: BYOC
-:description: Learn how to create a VPC peering connection, how to configure AWS PrivateLink, and how to configure GCP Private Service Connect. 
+:description: Learn how to create a VPC peering connection and how to configure private networking with AWS PrivateLink, Azure Private Link, and GCP Private Service Connect. 
 :page-layout: index
diff --git a/modules/networking/pages/dedicated/index.adoc b/modules/networking/pages/dedicated/index.adoc
@@ -1,3 +1,3 @@
 = Networking: Dedicated
-:description: Learn how to create a VPC peering connection, how to configure AWS PrivateLink, and how to configure GCP Private Service Connect. 
+:description: Learn how to create a VPC peering connection and how to configure private networking with AWS PrivateLink, Azure Private Link, and GCP Private Service Connect. 
 :page-layout: index
diff --git a/modules/shared/images/private-link-tab.png b/modules/shared/images/private-link-tab.png
