Azurerm_private_link_service requires nonsensical parameters when trying to set up private link from VNet to Azure service

Hi folks,

Trying to figure out if I’m doing something wrong or using the wrong resource.

Scenario: I have a VNet, a subnet, a VM in that subnet, and an Azure Database instance. I want to set up Private Link so I can access the DB from the VM, and disable public access to the DB instance.

The docs for the azurerm_private_link_service resource tell me I need to specify the load_balancer_frontend_ip_configuration_ids and nat_ip_configuration parameters, neither of which makes sense in this scenario. By my understanding, these two parameters come into play when trying to share access to resources in my VNet with the outside (this is the other use case for Private Link). The example in the docs even include a load balancer resource – this makes sense since the current private link resource requires specifying a load balancer, but in my scenario this is not applicable, so I’m confused.

Was hoping someone could clarify if I’m doing something wrong or if this is an omission in how the azurerm_private_link_service resource is written.