diff --git a/infra/core/vnet/private-dns-zone-groups.json b/infra/core/vnet/private-dns-zone-groups.json
index a1b6ef2..09229da 100644
--- a/infra/core/vnet/private-dns-zone-groups.json
+++ b/infra/core/vnet/private-dns-zone-groups.json
@@ -1,18 +1,22 @@
 {
   "azureCloud": {
+    "aiSearch": "privatelink.search.azure.com",
     "azureMonitor": [
       "privatelink.monitor.azure.com",
       "privatelink.oms.opinsights.azure.com",
       "privatelink.agentsvc.azure-automation.net",
       "privatelink.ods.opinsights.azure.com"
-    ]
+    ],
+    "cosmosDB": "privatelink.documents.azure.com"
   },
   "azureusgovernment": {
+    "aiSearch": "privatelink.search.azure.us",
     "azureMonitor": [
       "privatelink.monitor.azure.us",
       "privatelink.oms.opinsights.azure.us",
       "privatelink.agentsvc.azure-automation.us",
       "privatelink.ods.opinsights.azure.us"
-    ]
+    ],
+    "cosmosDB": "privatelink.documents.azure.us"
   }
 }
diff --git a/infra/core/vnet/privatelink-private-dns-zones.bicep b/infra/core/vnet/privatelink-private-dns-zones.bicep
index 89f15e2..ca18bfc 100644
--- a/infra/core/vnet/privatelink-private-dns-zones.bicep
+++ b/infra/core/vnet/privatelink-private-dns-zones.bicep
@@ -4,13 +4,15 @@
 @description('Virtual Network IDs to link to')
 param linkedVnetIds array
 
-var aiSearchPrivateDnsZoneName = 'privatelink.search.windows.net'
-var blobStoragePrivateDnsZoneName = 'privatelink.blob.${environment().suffixes.storage}'
-var cosmosDbPrivateDnsZoneName = 'privatelink.documents.azure.com'
-var storagePrivateDnsZoneNames = [blobStoragePrivateDnsZoneName]
 var privateDnsZoneData = loadJsonContent('private-dns-zone-groups.json')
 var cloudName = toLower(environment().name)
+
+var aiSearchPrivateDnsZoneName = privateDnsZoneData[cloudName].aiSearch
+var blobStoragePrivateDnsZoneName = 'privatelink.blob.${environment().suffixes.storage}'
+var cosmosDbPrivateDnsZoneName = privateDnsZoneData[cloudName].cosmosDb
+var storagePrivateDnsZoneNames = [blobStoragePrivateDnsZoneName]
 var azureMonitorPrivateDnsZones = privateDnsZoneData[cloudName].azureMonitor
+
 var privateDnsZones = union(
   azureMonitorPrivateDnsZones,
   storagePrivateDnsZoneNames,