How to Whitelist IP in SQL Server via NSG that is associated with Virtual Network.

Sai Kiran Maturi 66 Reputation points
2023-07-18T17:24:38.15+00:00

Instead of adding firewall rules in Azure SQL Server in order to whitelist access to the database, is it possible to add inbound security rules in the NSG that is associated with the SQL Server?

Azure SQL Database
SQL Server
  1. Oury Ba-MSFT 20,186 Reputation points Microsoft Employee
    2023-07-18T20:07:36.9966667+00:00

    @Sai Kiran Maturi Thank you for reaching out.

    My understanding is that you are asking whether it is possible to add inbound security rules in the NSG that is associated with the SQL Server, instead of adding firewall rules in Azure SQL Server, in order to whitelist access to the database.

    Depending on where the connection is originating, you have other options:

    1. Use a service endpoint if the source/client application is hosted in Azure. See: Virtual network endpoints and rules for databases - Azure SQL Database | Microsoft Learn

    2. Another option is using Private Link. This can be used regardless of whether the source/client is on premises or hosted in Azure.

    Use virtual network service endpoints and rules for servers in Azure SQL Database

    When you use service endpoints for SQL Database, review the following considerations:

    • Outbound to Azure SQL Database public IPs is required. Network security groups (NSGs) must be opened to SQL Database IPs to allow connectivity. You can do this by using NSG service tags for SQL Database.

    Regards,

    Oury
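
The service-endpoint option from the answer above, as an added Azure CLI example that is not part of the original thread or Microsoft's own code: the server-side allow-list is a virtual network rule, and the NSG on the client subnet only needs an outbound rule to the `Sql` service tag. All resource names, the rule names and the priority are placeholders chosen for illustration.

```shell
#!/usr/bin/env bash
# Added example: service-endpoint access to Azure SQL Database via Azure CLI.
# Every resource name below is a placeholder (assumption), not from the thread.
RG="${RG:-example-rg}"
VNET="${VNET:-example-vnet}"
SUBNET="${SUBNET:-app-subnet}"
NSG="${NSG:-app-subnet-nsg}"
SQL_SERVER="${SQL_SERVER:-example-sqlserver}"

# Print each command by default; set DRY_RUN=0 to execute it with az.
run() {
  if [ "${DRY_RUN:-1}" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# 1. Turn on the Microsoft.Sql service endpoint for the client subnet.
enable_service_endpoint() {
  run az network vnet subnet update \
    --resource-group "$RG" --vnet-name "$VNET" --name "$SUBNET" \
    --service-endpoints Microsoft.Sql
}

# 2. Server side: allow that subnet with a virtual network rule
#    (this takes the place of an IP firewall rule for the client).
add_sql_vnet_rule() {
  run az sql server vnet-rule create \
    --resource-group "$RG" --server "$SQL_SERVER" --name allow-app-subnet \
    --vnet-name "$VNET" --subnet "$SUBNET"
}

# 3. Client side: open the subnet's NSG outbound to the Sql service tag.
#    Port 1433 is the gateway; 11000-11999 is used by the Redirect
#    connection policy, the default for clients inside Azure.
allow_outbound_sql() {
  run az network nsg rule create \
    --resource-group "$RG" --nsg-name "$NSG" --name AllowSqlOutbound \
    --priority 200 --direction Outbound --access Allow --protocol Tcp \
    --source-address-prefixes VirtualNetwork --source-port-ranges '*' \
    --destination-address-prefixes Sql --destination-port-ranges 1433 11000-11999
}

configure_sql_access() {
  enable_service_endpoint && add_sql_vnet_rule && allow_outbound_sql
}

configure_sql_access
```

Run as written, the script only prints the three commands for review; export `DRY_RUN=0` after `az login` to apply them.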

