Configure Azure Private Link

To keep your network traffic private and minimize its attack surface, configure Azure Private Link¹ to establish a private connection between ValidMind and your company network.

¹ Azure Private Link: Create a private endpoint

Azure Private Link establishing a private connection to ValidMind

Azure Private Link is a networking service that allows secure and private communication between Azure Virtual Network (VNet) resources and services hosted in other VNets or in Azure partner services, such as ValidMind. With Azure Private Link, you can connect to services over the Azure network without exposing your network traffic to the public internet.

Private Link works by creating a private endpoint for a supported Azure service within your virtual private cloud. This endpoint acts as a proxy between your VNet and ValidMind, allowing traffic to be routed privately over the Azure network. To make the endpoint easier to use, ValidMind provides a private DNS name that model developers and validators can connect to in a browser.

The responsibility of setting up a private endpoint for Azure Private Link falls to your IT department, such as the cloud engineering, infrastructure, or security teams.

To learn more, check Access an Azure service using an interface private endpoint.

Prerequisites

You must have access to the Azure portal for your company and the necessary expertise to set up, configure, and maintain Azure services.

These steps assume that you already have established connectivity between your own company network and an Azure virtual network (VNet) and know which company VNet you want to connect to.

VNet service information

Region	Service name	Private DNS name
us-west-2	Email support@validmind.com	Email support@validmind.com

Steps

1. Create an Azure Private Endpoint:

   1. Log in to the Azure portal.
      
   2. Search for Private Endpoints under the services section.
      
   3. Click Create:
      • Select the subscription and resource group.
        
      • Provide a name for the endpoint.
        
   4. In the Resource tab, select:
      • The resource type
        
      • The specific resource
        
      • The sub-resource
        
   5. For networking, select:
      • The virtual network (VNet)
        
      • The subnet for the private endpoint
        
   6. Recommended: When prompted, integrate with an Azure Private DNS zone to simplify private IP name resolution.
      
   7. Review the configuration and then click Create to deploy the private endpoint.

2. Contact ValidMind at support@validmind.ai to get your new private endpoint connection request accepted. Include the following information:

   • The owner or account ID
     
   • The private endpoint IP address

3. After ValidMind has accepted your endpoint connection request, verify the endpoint is available:

   1. In the Azure portal, go to the Private Endpoints section.
      
   2. Verify that the connection status is Approved. This indicates that the endpoint is properly connected to the target service.

4. Enable the private DNS name:

   1. Check the private endpoint you created, click the Actions menu, and select Modify private DNS name.
      
   2. Select Enable for this endpoint.
      
   3. Click Save changes.
      
   4. Verify that Private DNS names shows the name shown in the VNet service information.

5. Test the connection:

   1. From your company network, access ValidMind using the private DNS name from the VNet service information.
      
   2. In a browser, confirm that you can successfully connect to ValidMind and log in.
      
   3. From your developer environment, confirm that you can connect to ValidMind with the library.

What’s next

After completing these steps, users on your company network can connect to ValidMind via Azure Private Link using the private DNS name from the VNet service information.