This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
In this guide, learn how to activate deterministic outbound IP support used by Azure Managed Grafana to communicate with data sources, disable public access and set up a firewall rule to allow inbound requests from your Grafana workspace.
Note
The deterministic outbound IPs feature is only accessible for customers with a Standard plan. For more information about plans, go to pricing plans.
Deterministic outbound IP support is disabled by default in Azure Managed Grafana. You can enable this feature during the creation of the workspace, or you can activate it on an existing workspace.
When creating a workspace, select the Standard pricing plan and then in the Advanced tab, set Deterministic outbound IP to Enable.
For more information about creating a new workspace, go to Quickstart: Create an Azure Managed Grafana workspace.
In the Azure portal, under Settings select Configuration, and then under General settings > Deterministic outbound IP, select Enable.
Select Save to confirm the activation of deterministic outbound IP addresses.
Select Refresh to display the list of IP addresses under Static IP address.
This example demonstrates how to disable public access to Azure Data Explorer and set up private endpoints. This process is similar for other Azure data sources.
Open an Azure Data Explorer cluster in the Azure portal, and under Settings, select Networking.
In the Public Access tab, select Disabled to disable public access to the data source.
Under Firewall, check the box Add your client IP address and under Address range, enter the IP addresses found in your Azure Managed Grafana workspace.
Select Save to finish adding the Azure Managed Grafana outbound IP addresses to the allowlist.
You have limited access to your data source by disabling public access, activating a firewall and allowing access from Azure Managed Grafana IP addresses.
Check if the Azure Managed Grafana endpoint can still access your data source.
In the Azure portal, go to your workspace's Overview page and select the Endpoint URL.
Go to Configuration > Data Source > Azure Data Explorer Datasource > Settings and at the bottom of the page, select Save & test:
Post "https://<Azure-Data-Explorer-URI>/v1/rest/query": dial tcp ...: i/o timeout. Make sure that you've entered the IP addresses correctly in the data source firewall allowlist.Training
Module
Protect your Azure Virtual Desktop deployment by using Azure Firewall - Training
Learn how to deploy and configure Azure Firewall to protect outbound network traffic for Azure Virtual Desktop.
Certification
Microsoft Certified: Azure Database Administrator Associate - Certifications
Administer an SQL Server database infrastructure for cloud, on-premises and hybrid relational databases using the Microsoft PaaS relational database offerings.
Documentation
How to connect to a data source privately in Azure Managed Grafana
Learn how to connect an Azure Managed Grafana workspace to a data source using Managed Private Endpoint
How to set up private access in Azure Managed Grafana
How to disable public access to your Azure Managed Grafana workspace and configure private endpoints.
Troubleshoot Azure Managed Grafana
Troubleshoot Azure Managed Grafana issues related to fetching data, managing Azure Managed Grafana dashboards, speed and more.