pe changes

Author: GennadNY

articles/postgresql/TOC.yml

@@ -331,6 +331,8 @@
         items:
         - name: Azure portal
           href: flexible-server/how-to-manage-virtual-network-private-endpoint-portal.md
+        - name: Azure CLI
+          href: flexible-server/how-to-manage-virtual-network-private-endpoint-cli.md
         - name: Connect to managed data factory via Private Endpoint
           href: flexible-server/how-to-connect-to-data-factory-private-endpoint.md
       - name: Public access (allowed IP addresses)

articles/postgresql/flexible-server/concepts-networking-private-link.md

@@ -77,7 +77,6 @@ Clients can connect to the private endpoint from the same VNet, peered VNet in s
 
 ### Limitations and Supported Features for Private Link  Preview with Azure Database for PostgreSQL flexible server
 
-In  Preview of Private Endpoint for Azure Database for PostgreSQL flexible server, there are certain limitations as explain in cross feature availability matrix below.
 
 Cross Feature Availability Matrix for Private Endpoint in Azure Database for PostgreSQL flexible server.
 

articles/postgresql/flexible-server/how-to-manage-virtual-network-private-endpoint-cli.md

@@ -0,0 +1,104 @@
+---
+title: Manage virtual networks with Private Link - CLI
+description: Create an Azure Database for PostgreSQL - Flexible Server instance with public access by using the Azure CLI, and add private networking to the server based on Azure Private Link.
+author: gennadNY
+ms.author: gennadyk
+ms.service: postgresql
+ms.subservice: flexible-server
+ms.custom:
+  - ignite-2023
+ms.topic: how-to
+ms.date: 03/12/2024
+---
+
+
+# Create and manage virtual networks with Private Link for Azure Database for PostgreSQL - Flexible Server by using the Azure CLI
+
+[!INCLUDE [applies-to-postgresql-flexible-server](../includes/applies-to-postgresql-flexible-server.md)]
+
+Azure Database for PostgreSQL flexible server supports two types of mutually exclusive network connectivity methods to connect to your Azure Database for PostgreSQL flexible server instance. The two options are:
+
+* Public access through allowed IP addresses. You can further secure that method by using [Azure Private Link](./concepts-networking-private-link.md)-based networking with Azure Database for PostgreSQL flexible server. The feature is in preview.
+* Private access through virtual network integration.
+
+This article focuses on creating an Azure Database for PostgreSQL flexible server instance with public access (allowed IP addresses) by using the Azure portal. You can then help secure the server by adding private networking based on Private Link technology.
+
+You can use [Private Link](../../private-link/private-link-overview.md) to access the following services over a private endpoint in your virtual network:
+
+* Azure platform as a service (PaaS) services, such as Azure Database for PostgreSQL flexible server
+* Customer-owned or partner services that are hosted in Azure
+
+Traffic between your virtual network and a service traverses the Microsoft backbone network, which eliminates exposure to the public internet.
+
+> [!NOTE]
+> Azure Database for PostgreSQL flexible server supports Private Link based networking in General Availability in following regions:
+> * Canada East
+> *	Poland Central
+> *	Italy North
+> *	South India
+> *	UK West
+> *	Japan West
+> *	France South
+> *	Qatar Central
+> *	Jio India West
+> *	Australia Central
+> *	Korea South
+> *	Switzerland West
+> *	UAE Central
+> *	Australia Central 2
+> *	Germany North
+> *	Norway West
+> *	Brazil Southeast
+> *	South Africa West
+>
+> **You can create new Azure Database for PostgreSQL - Flexible Server, with Azure Private Link based networking utilizing Private Endpoints in these above listed regions under General Availability.**
+> **In the rest of Azure regions where Azure Database for PostgreSQL - Flexible Server is available, Azure Database for PostgreSQL flexible server supports Private Link based networking in Preview at this time.**
+>
+> **Important Prerequisite for regions where this feature is in Preview** Azure Database for PostgreSQL flexible server support for Private Endpoints in Preview requires enablement of [**Azure Database for PostgreSQL flexible server Private Endpoint capability** preview feature in your subscription](../../azure-resource-manager/management/preview-features.md). Only **after preview feature is enabled** you can create servers which are PE capable, i.e. can be networked using Private Link.
+
+## Prerequisites
+
+To add an Azure Database for PostgreSQL flexible server instance to a virtual network by using Private Link, you need:
+
+1.  A [virtual network](../../virtual-network/quick-create-portal.md#create-a-virtual-network). The virtual network and subnet should be in the same region and subscription as your Azure Database for PostgreSQL flexible server instance.
+
+  Be sure to remove any locks (**Delete** or **Read only**) from your virtual network and all subnets before you add a server to the virtual network, because locks might interfere with operations on the network and DNS. You can reset the locks after server creation.
+
+
+2. You need to sign in to your account using the [az login](/cli/azure/reference-index#az-login) command. Note the **ID** property, which refers to **Subscription ID** for your Azure account.
+
+```azurecli
+az login
+```
+
+3.  Select the specific subscription under your account using [az account set](/cli/azure/account#az-account-set) command. Make a note of the **ID** value from the **az login** output to use as the value for **subscription** argument in the command. If you have multiple subscriptions, choose the appropriate subscription in which the resource should be billed. To get all your subscription, use [az account list](/cli/azure/account#az-account-list).
+
+```azurecli
+az account set --subscription <subscription id>
+```
+
+## Create an Azure Database for PostgreSQL flexible server instance with a private endpoint
+
+1. Create virtual network, private endpoint, private DNS zone and link it
+
+  You can follow this Azure networking [doc](../../private-link/create-private-endpoint-cli.md) to complete these steps.
+
+2. Create PostgreSQL Flexible Server with no public access
+
+```azurecli
+
+az postgres flexible-server create --resource-group <resource_group_name> --name <server_name> --public-access 'None'
+```
+
+3. Approve the specified private endpoint connection created in first step associated with a PostgreSQL flexible server.
+
+```azurecli
+az postgres flexible-server private-endpoint-connection approve -g <resource_group> -s <server_name> -n <connection_name>        --description "Approve connection"
+```
+
+## Next steps
+
+* Learn more about [networking in Azure Database for PostgreSQL flexible server with Private Link](./concepts-networking-private-link.md).
+* Understand more about [virtual network integration in Azure Database for PostgreSQL flexible server](./concepts-networking-private.md).
+
+

articles/postgresql/flexible-server/how-to-manage-virtual-network-private-endpoint-portal.md

@@ -30,14 +30,40 @@ You can use [Private Link](../../private-link/private-link-overview.md) to acces
 
 Traffic between your virtual network and a service traverses the Microsoft backbone network, which eliminates exposure to the public internet.
 
+> [!NOTE]
+> Azure Database for PostgreSQL flexible server supports Private Link based networking in General Availability in following regions:
+> * Canada East
+> *	Poland Central
+> *	Italy North
+> *	South India
+> *	UK West
+> *	Japan West
+> *	France South
+> *	Qatar Central
+> *	Jio India West
+> *	Australia Central
+> *	Korea South
+> *	Switzerland West
+> *	UAE Central
+> *	Australia Central 2
+> *	Germany North
+> *	Norway West
+> *	Brazil Southeast
+> *	South Africa West
+>
+> **You can create new Azure Database for PostgreSQL - Flexible Server, with Azure Private Link based networking utilizing Private Endpoints in these above listed regions under General Availability.**
+> **In the rest of Azure regions where Azure Database for PostgreSQL - Flexible Server is available, Azure Database for PostgreSQL flexible server supports Private Link based networking in Preview at this time.**
+>
+> **Important Prerequisite for regions where this feature is in Preview** Azure Database for PostgreSQL flexible server support for Private Endpoints in Preview requires enablement of [**Azure Database for PostgreSQL flexible server Private Endpoint capability** preview feature in your subscription](../../azure-resource-manager/management/preview-features.md). Only **after preview feature is enabled** you can create servers which are PE capable, i.e. can be networked using Private Link.
+
 ## Prerequisites
 
 To add an Azure Database for PostgreSQL flexible server instance to a virtual network by using Private Link, you need:
 
 * A [virtual network](../../virtual-network/quick-create-portal.md#create-a-virtual-network). The virtual network and subnet should be in the same region and subscription as your Azure Database for PostgreSQL flexible server instance.
 
   Be sure to remove any locks (**Delete** or **Read only**) from your virtual network and all subnets before you add a server to the virtual network, because locks might interfere with operations on the network and DNS. You can reset the locks after server creation.
-* Registration of the [PostgreSQL private endpoint preview feature in your subscription](../../azure-resource-manager/management/preview-features.md).
+* Registration of the [PostgreSQL private endpoint preview feature in your subscription](../../azure-resource-manager/management/preview-features.md) if you are creating server in one of the regions where feature is in Preview.
 
 ## Create an Azure Database for PostgreSQL flexible server instance with a private endpoint