Update conceptual-gitops-flux2.md

Chris Sanders · Chris Sanders · commit a1e750f31d60 · 2022-05-03T07:05:36.000-07:00
Add section on Private Link support
diff --git a/articles/azure-arc/kubernetes/conceptual-gitops-flux2.md b/articles/azure-arc/kubernetes/conceptual-gitops-flux2.md
@@ -4,10 +4,8 @@ description: "This article provides a conceptual overview of GitOps in Azure for
 keywords: "GitOps, Flux, Kubernetes, K8s, Azure, Arc, AKS, Azure Kubernetes Service, containers, devops"
 services: azure-arc, aks
 ms.service: azure-arc
-ms.date: 1/24/2022
+ms.date: 5/3/2022
 ms.topic: conceptual
-author: csand-msft
-ms.author: csand
 ---
 
 # GitOps in Azure
@@ -87,6 +85,12 @@ Each `fluxConfigurations` resource in Azure will be associated in a Kubernetes c
 > * `fluxconfig-agent` monitors for new or updated `fluxConfiguration` resources in Azure. The agent requires connectivity to Azure for the desired state of the `fluxConfiguration` to be applied to the cluster. If the agent is unable to connect to Azure, there will be a delay in making the changes in the cluster until the agent can connect. If the cluster is disconnected from Azure for more than 48 hours, then the request to the cluster will time-out, and the changes will need to be re-applied in Azure.
 > * Sensitive customer inputs like private key and token/password are stored for less than 48 hours in the Kubernetes Configuration service. If you update any of these values in Azure, assure that your clusters connect with Azure within 48 hours.
 
+## GitOps with Private Link
+
+If you've added support for private link to an Azure Arc-enabled Kubernetes cluster, then the `microsoft.flux` extension works out-of-the-box with communication back to Azure. For connections to your Git repository, Helm repository, or any other endpoints that are needed to deploy your Kubernetes manifests, you will need to provision these endpoints behind your firewall or whitelist them on your firewall so that the Flux Source controller can successfully reach them.
+
+For more information on private link scopes in Azure Arc, refer to [this document](../servers/private-link-security#create-a-private-link-scope).
+
 ## Data residency
 The Azure GitOps service (Azure Kubernetes Configuration Management) stores/processes customer data. By default, customer data is replicated to the paired region. For the regions Singapore, East Asia, and Brazil South, all customer data is stored and processed in the region.
 
