@Derek R Thank you for reaching out.
Azure SQL Database and Azure Database for MySQL are both good options for cloud-hosted databases.
Azure SQL Database is an excellent choice for many scenarios. Azure SQL Database offers the followings.
- Ideal for businesses needing advanced database management and analysis.
- Offers features like built-in machine learning and advanced data security.
- Proprietary architecture with out-of-the-box features.
- Supports T-SQL (Transact-SQL) language. You can migrate your on-premises SQL Server databases with minimal code changes.
- Best suited for enterprise-grade applications, data warehousing, and analytics.
- Azure SQL Database offers serverless compute, which automatically scales based on demand, reducing costs during idle periods.
Azure Database for MySQL
Azure Database for MySQL - Flexible Server deployment model
What is Azure Database for MySQL - Flexible Server?
Set up Microsoft Entra authentication for Azure Database for MySQL - Flexible Server
Azure Database for MySQL - Flexible Server service tiers
Microsoft Entra (also known as Azure Active Directory authentication) provides a more secure option.
You could invite your customers to the MS Entra tenant, provide the appropriate RBAC permissions and create a group to ensure only the appropriate users have access to the DB.
- Users authenticate using their Azure AD credentials (single sign-on).
- You can manage users centrally, and it integrates well with Azure services.
Azure VNet:
- Adding your Azure DB to a Virtual Network (VNet) restricts communication to only the VNet.
- While this enhances security, it does require users to connect via VPN.
- To avoid manual VPN setup, consider using Point-to-Site VPN or VNet Gateway with Always On enabled.
- This way, your app can initiate the VPN connection automatically when needed.
App Registrations + VNet:
- App Registrations (Azure AD) allow you to register your app and obtain an App ID.
- You can use this App ID to authenticate your app against Azure AD.
- Combine this with VNet integration to ensure secure communication.
- While this approach adds some complexity, it provides better security and user management.
Regards Oury