Azure Maps Adds Private Endpoint Support for Enhanced Security

Azure Maps has announced Public Preview support for private endpoints, bringing enterprise-grade network isolation and data privacy to location-aware applications. This new capability allows organizations to keep sensitive location data traffic within Azure's private backbone network rather than traversing the public internet.

Enhanced Security for Location Data

Location data is inherently sensitive, making security a top priority for organizations handling geospatial information. With Azure Private Link integration, applications can now connect to Azure Maps over private IP addresses within your virtual network. This approach keeps API calls off the public internet, significantly reducing exposure to external threats while maintaining compliance with stringent security requirements.

What Changes with Private Endpoints

The implementation creates a secure network bridge between your Azure Virtual Network (VNet) and Azure Maps using private endpoint technology. Key changes include:

• Network isolation: All API calls remain within Azure's private backbone, never exposed to the public internet
• Compliance support: Sensitive spatial data never traverses public networks, directly supporting privacy and regulatory requirements
• DNS integration: Azure automatically creates a Private DNS zone for privatelink.account.maps.azure.com with necessary DNS records

Implementation Details

Setting up a private endpoint involves creating a connection between your VNet and Azure Maps account. The process requires specifying your Maps account resource ID, the mapsAccount sub-resource, and the target virtual network and subnet.

Once configured, applications call the Azure Maps account-specific endpoint using the pattern: https://{maps-account-client-id}.{location}.account.maps.azure.com. For example, a Maps account with client ID "abc123" in East US would use https://abc123.eastus.account.maps.azure.com instead of the public endpoint.

Business Impact

This enhancement enables teams to build secure, compliant geospatial solutions across various industries. Healthcare organizations handling Protected Health Information (PHI), logistics companies optimizing routes, and financial services firms running sensitive analytics can now leverage location intelligence without risking data exposure.

The solution maintains developer productivity by preserving existing integration patterns—developers simply update the endpoint to the account-specific private DNS name. Network and security administrators gain seamless VNet integration with granular access controls, while business leaders can unlock location intelligence capabilities without compromising security or compliance requirements.

Azure Maps is now positioned to handle your most sensitive, compliance-driven workloads securely and efficiently with full network isolation. For more details, visit the Azure Maps Private Endpoints documentation and explore Azure Maps Samples.