Secure your Azure SQL locally inside your vnet using service endpoints

Posted by Pantelis Apostolidis, in Azure, 10 October 2017

azure azurerm

For many companies, a drawback of using Azure SQL was its public access. After the latest Azure updates, you can use service endpoints to secure your Azure SQL locally inside your VNET! For the time being, the feature is available only in the West Central US, West US 2, and East US regions, but more will follow soon.

So, let's secure your Azure SQL locally inside your VNET! On the VNET creation blade, select the Microsoft.Sql service endpoint from the list of available service endpoints.

Then create an SQL Database in the same region.

Next, go to the SQL server firewall settings and turn off “Allow access to Azure services”. By doing this you disable access to the SQL Server through the public IP.

Click “Add existing virtual network” and create an access rule so that you can access the SQL Server from your virtual network through the service endpoints.

Now let's test. A fast way to test SQL connectivity from a virtual machine on the VNET, without having the SQL management tools, is to open the “ODBC Data Source Administrator” and create a new connection. Add the Azure SQL Server IP. On the next screen, enter the username and password of your SQL Server, and finally click “Test Data Source”.

Of course, we can also connect with SSMS. Add the SQL Server FQDN, the username and the password, and you are connected, fast and securely!

You cannot yet add your SQL to a subnet, but you secure its access inside your VNET! All public access is denied.
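
The same portal steps scripted with the Az PowerShell module, as an added example that is not part of the original post. All resource names are placeholders, and the script assumes the VNET, subnet and SQL server already exist and that you have signed in with `Connect-AzAccount`. The last step lists any IP firewall rules still present, because those stay in effect alongside the virtual network rule.

```powershell
# Added example: every name below is a placeholder (assumption), not a value from the post.
$rg         = 'rg-demo'       # resource group
$vnetName   = 'vnet-demo'     # virtual network
$subnetName = 'default'       # subnet that hosts the test VM
$sqlServer  = 'sqlsrv-demo'   # logical server name, without .database.windows.net
$ruleName   = 'allow-vnet-subnet'

# 1. Enable the Microsoft.Sql service endpoint on the subnet,
#    keeping any service endpoints the subnet already has.
$vnet      = Get-AzVirtualNetwork -ResourceGroupName $rg -Name $vnetName
$subnet    = Get-AzVirtualNetworkSubnetConfig -VirtualNetwork $vnet -Name $subnetName
$endpoints = @($subnet.ServiceEndpoints.Service | Where-Object { $_ }) + 'Microsoft.Sql' |
    Select-Object -Unique
Set-AzVirtualNetworkSubnetConfig -VirtualNetwork $vnet -Name $subnetName `
    -AddressPrefix $subnet.AddressPrefix -ServiceEndpoint $endpoints |
    Set-AzVirtualNetwork | Out-Null

# 2. Turn off "Allow access to Azure services". The portal switch is stored as
#    the firewall rule AllowAllWindowsAzureIps (0.0.0.0 - 0.0.0.0).
$rules = Get-AzSqlServerFirewallRule -ResourceGroupName $rg -ServerName $sqlServer
if ($rules.FirewallRuleName -contains 'AllowAllWindowsAzureIps') {
    Remove-AzSqlServerFirewallRule -ResourceGroupName $rg -ServerName $sqlServer `
        -FirewallRuleName 'AllowAllWindowsAzureIps' -Force | Out-Null
}

# 3. Add the virtual network rule ("Add existing virtual network" in the portal).
New-AzSqlServerVirtualNetworkRule -ResourceGroupName $rg -ServerName $sqlServer `
    -VirtualNetworkRuleName $ruleName -VirtualNetworkSubnetId $subnet.Id | Out-Null

# 4. Review what can still reach the server: the VNET rules, then any
#    remaining IP firewall rules (each one is still an allowed public range).
Get-AzSqlServerVirtualNetworkRule -ResourceGroupName $rg -ServerName $sqlServer |
    Select-Object VirtualNetworkRuleName, VirtualNetworkSubnetId
Get-AzSqlServerFirewallRule -ResourceGroupName $rg -ServerName $sqlServer |
    Select-Object FirewallRuleName, StartIpAddress, EndIpAddress
```
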
The post Secure your Azure SQL locally inside your vnet using service endpoints appeared first on Apostolidis IT Corner.

