Use Event Grid Private Endpoints
July 7, 2025
SYNOPSIS
Use Private Endpoints to access Event Grid topics and domains.
DESCRIPTION
By default, public network access is enabled for an Event Grid topic or domain. To allow access via private endpoints only, disable public network access.
RECOMMENDATION
Consider using Private Endpoints to access Event Grid topics and domains. To limit access to Event Grid topics and domains, disable public access.
EXAMPLES
Configure with Bicep
To deploy Event Grid Topics that pass this rule:
- Set the properties.publicNetworkAccess property to Disabled.
For example:
resource eventGrid 'Microsoft.EventGrid/topics@2022-06-15' = {
  name: name
  location: location
  identity: {
    type: 'SystemAssigned'
  }
  properties: {
    disableLocalAuth: true
    publicNetworkAccess: 'Disabled'
    inputSchema: 'CloudEventSchemaV1_0'
  }
}
Configure with Azure template
To deploy Event Grid Topics that pass this rule:
- Set the properties.publicNetworkAccess property to Disabled.
For example:
{
  "type": "Microsoft.EventGrid/topics",
  "apiVersion": "2022-06-15",
  "name": "[parameters('name')]",
  "location": "[parameters('location')]",
  "identity": {
    "type": "SystemAssigned"
  },
  "properties": {
    "disableLocalAuth": true,
    "publicNetworkAccess": "Disabled",
    "inputSchema": "CloudEventSchemaV1_0"
  }
}
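A pre-deployment check for the same condition, added here as an example (it is not the rule's own implementation): it walks an ARM template and reports every Event Grid topic or domain whose publicNetworkAccess is not Disabled, treating a missing property as a failure because public access is enabled by default. The function names and the sample template are constructed for illustration, and the template's resources are assumed to be arrays.

```python
# Resource types named in this rule: Event Grid topics and domains.
EVENT_GRID_TYPES = {"microsoft.eventgrid/topics", "microsoft.eventgrid/domains"}

# Constructed sample ARM template (not from the original page).
SAMPLE_TEMPLATE = {"resources": [
    {"type": "Microsoft.EventGrid/topics", "name": "topic-private",
     "properties": {"publicNetworkAccess": "Disabled"}},
    {"type": "Microsoft.EventGrid/topics", "name": "topic-default",
     "properties": {"inputSchema": "CloudEventSchemaV1_0"}},
    {"type": "Microsoft.EventGrid/domains", "name": "domain-public",
     "properties": {"publicNetworkAccess": "Enabled"}},
    {"type": "Microsoft.Resources/deployments", "name": "nested",
     "properties": {"template": {"resources": [
         {"type": "Microsoft.EventGrid/topics", "name": "topic-param",
          "properties": {"publicNetworkAccess": "[parameters('access')]"}}]}}},
]}


def iter_resources(resources):
    """Yield every resource, descending into child and nested-deployment resources."""
    for res in resources or []:
        yield res
        yield from iter_resources(res.get("resources"))
        nested = (res.get("properties") or {}).get("template") or {}
        yield from iter_resources(nested.get("resources"))


def find_public_event_grid(template):
    """Return (name, reason) for each topic or domain that would not pass the rule."""
    findings = []
    for res in iter_resources(template.get("resources")):
        if str(res.get("type", "")).lower() not in EVENT_GRID_TYPES:
            continue
        value = (res.get("properties") or {}).get("publicNetworkAccess")
        if value is None:
            findings.append((res.get("name"), "not set, public access is on by default"))
        elif str(value).startswith("["):
            # A template expression cannot be judged until parameters are resolved.
            findings.append((res.get("name"), "template expression, resolve before judging"))
        elif str(value).lower() != "disabled":
            findings.append((res.get("name"), f"set to {value}"))
    return findings


if __name__ == "__main__":
    for name, reason in find_public_event_grid(SAMPLE_TEMPLATE):
        print(f"FAIL {name}: {reason}")
```

Expression-valued settings are reported separately so a reviewer can confirm the parameter's value rather than assume it resolves to Disabled.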