Azure services are publicly available over the internet by default. That works for many services, but sometimes we need to limit access to internal networks only. Private Endpoints provide a local, internal connection to resources in Azure. It does this by adding a virtual NIC to a subnet. From there, the NIC gets a private IP address where it can be accessed from the internal network. This video goes over the configuration options to create a new storage account with an Azure File Share Private Endpoint as well as update an existing storage account with a private endpoint.