Allow SQL Database to join Virtual Network (VPN)
I have Cloud Service with web/worker roles connected to SQL Database (web edition).
I also have Virtual Network with point-to-site client (P2S) connection, but I cannot connect to my SQL Database (web edition) via VPN (eg using SSDM). Instead I have to use internet connection.
IP address assigned by my ISP has short lifetime and is reset daily. This means that almost every time I want to perform Admin tasks, I have to log onto Windows Azure portal to change my IP address in the SQL database firewall (defining a range of addresses is not an option).
VPN would mean I just need to set firewall address list once, and I also like the additional layer of security offered by VPN. P2S requires certificate installed on each client computer, so if passwords / desktop apps did fall into wrong hands, no one would be able to use them to connect from another computer.
John Klacynski commented
What's the latest on this request ?
Any update on VNet support for managed databases? It should be common sense to use only private IP adresses for database servers.
Sooooooo, how is going? Dare I say do you have a project timeline?
Loryn Steinrad commented
How long until VNET > Azure SQL is in public preview? I also need to have a date on our roadmap for this feature.
what is the status of this?
Lindsey Allen, GPM Database Systems commented
@Tim, announced today at Data Amp event, we will have full VNET support with Azure SQLDB managed instance. Managed instance is in private preview right now.
Helge Rutz commented
This "feature" started 14 month ago, and the last admin comment by Guy Haycock is 6 month ago.
As many others I need this for security reasons to allow dynamic clients access the server without opening the server to the hole world, and also limit the access inside of azure to mit VNet bound ressources.
Without this, I can't use move sensitiv data into the cloud, and I will not host my own SQL Server in Azure VNet - then I can use my own on prem datacenter, and don't need azure.
To be able to plan for projects give us status update and hopefully a reliable release date.
Need this functionality please!!!
Mitch Prince commented
Guy - Any update on this?
Mark Jager commented
Can we get an update? It's been almost 5 months since the last communication on this. Is a preview still forthcoming?
jason chaffee commented
Are there any updates on this? I haven't fathered any children while waiting for this much needed component (dare I call it a feature, this is already available in AWS) but I have read "War and Peace."
Who has the authority here to change the title to VNET rather VPN? VPN was a misspelled to me.
I have already fathered one kid while waiting for it, lol
I believe that Guys has moved onto another role, and that Joachim Hammer Joachim.Hammer@microsoft.com has taken over responsibility for Azure SQL.
We all recognize the importance of securing access to the Azure SQL server, and it would be good to hear an update on where things are and more specifically that work in this area is still in progress, so we can manage expectations within our organizations and with our clients?
This is a flaw in the design of MS PaaS that has been years in the fixing. There needs to be some firm commitment on this.
Jim Stickley commented
When I choose to set the firewall to "Allow access to Azure services" on the SQL Server Service's firewall config, does this allow anything hosted by Microsoft's Azure infrastructure the ability to access that service, or is it restricting access to Azure assets owned by my account? Can Azure clients outside my account access the DB?
any update on when you will start supporting PaaS SQL Server to be added to a VNet ?
Matteo Iacopini commented
We really need to have a date on our roadmap for this feature.
please give us some information
Davor Geci commented
can I ask what is the status of this request?
Please note, Microsoft is talking loud about AI-security. This is is nice when your db is compromised. We are acutely looking for the IT-standard ways to prevent a db gets compromised by a brute force attack.