Deny Public Network Access in Azure Database for MySQL - Flexible Server by using the Azure portal

This article describes how you can configure an Azure Database for MySQL Flexible Server instance to deny all public configurations and allow only connections through private endpoints to enhance network security further.

Deny public access during the creation of MySQL flexible server

  1. When creating an Quickstart: Create an instance of Azure Database for MySQL with the Azure portal in the Networking tab, choose Public access (allowed IP addresses) and Private endpoint as the connectivity method.

  2. To disable public access on the Azure Database for MySQL Flexible Server instance you are creating, uncheck Allow public access to this resource through the internet using a public IP address under Public access.

    Screenshot of denying public access from the portal.

  3. After entering the remaining information in the other tabs, select Review + Create to deploy the Azure Database for MySQL Flexible Server instance without public access.

Deny public access to an existing MySQL flexible server

Note

The Azure Database for MySQL Flexible Server instance must have been deployed with Public access (allowed IP addresses) and Private endpoint as the connectivity method to implement this.

  1. On the Azure Database for MySQL Flexible Server page, under Settings, select Networking.

  2. To disable public access on the Azure Database for MySQL Flexible Server instance, uncheck Allow public access to this resource through the internet using a public IP address under Public access.

    Screenshot of denying public access from the portal next screen.

  3. Select Save to save the changes.

  4. A notification will confirm that the connection security setting was successfully enabled.