Krzysztof Żelazny Thank you for reaching out. To prevent users from being able to connect to the user database on the primary replica, you can configure firewall rules on the primary replica to restrict access to the user database. Please try the following steps
- Go to your Azure SQL Database instance in the Azure Portal.
- Go to networking tab.
- Under "Firewall rules", click "Add client IP" to add your current IP address to the list of allowed IP addresses.
- Under "Virtual network service endpoints", select the virtual network and subnet that you want to use for the named replica.
- Click "Save" to apply the changes.
- Once you are connected to the named replica, you can create firewall rules to restrict access to the user database on the primary replica. You can do this by adding a firewall rule that blocks all traffic to the IP address of the primary replica.
This will only prevent users from connecting to the user database on the primary replica. It will not prevent them from connecting to the primary replica itself, or to other databases on the primary replica. If you need to restrict access to the primary replica itself, you can follow the instruction in this doc Configure isolated access to a Hyperscale named replica. I
Please comment below if you face any issues. Regards, Oury