Identify IP Address of Data Factory
It is not currently possible to identify the IP Address of the DF, which you need for firewall rules, including Azure SQL Server firewall....
Thank you for your suggestion. We understand it is super important to whitelist specific IP list for ADF as part of firewall rules and avoid opening network access to all. We are working on this with high priority. Once this is ready, we will also add ADF to the list of “Trusted Azure service” for Azure Storage and Azure SQL DB/DW.
Eric Aurik commented
Is there any update on progress?
Thomas Boge commented
Are we there yet?
Diego Oliveira Sanchez commented
Is there a timeline for implementing this feature? Do you anticipate it will be ready in a few weeks, a few months, or a few years? What is the order of magnitude here?
Is there any kind of update on this? This has been outstanding for some time and has considerable support. This seems like it should be a relatively straightforward one for Microsoft to address and promote the use of the enterprise services you offer - it should be a win-win all around?
Like many others here, this is holding up our deployment.
HI Azure team,
Delayed the product launch due to this limitation in Azure (i.e. unable to whitelist specific IP list).
Hope the specific IP list for ADF is being resolved.
Awaiting confirmation on the fix.
thanks in advance.
Rahul M commented
Hello, I am trying to connect ADFV2 to Azure Storage, but getting message as Access Denied, even though I have enabled option "Allow Trusted Azure Services....". Is there any workaround apart from VM or Self Hosted IR.
Samuel Li commented
Any progress on this?
We are flowing logs to splunk, and have to open the port to all; we already observed some logs from shodan.io.
We need to white list the ADF service IP address as soon as possible.
Paul Douglas commented
Any progress updates / timelines. We have an ADF solution we need to deploy but due to this issue we can not proceed.
Any rough timelines?
Guru Prasad P commented
Please add the firewall and Virtual network feature to the Data Factory as this might become a big security breach if we allow all IP's from the Azure Data Center for the azure services to intergrate with it
This is definitely a minimum requirement from my perspective and I can't believe it is the third most popular idea and it seems it hasn't even been reviewed yet. We can't possibly go into production by opening up our key vault and blob storage to the whole of a data centre where the ADF service resides. We have even had issues with this approach where our data factory was created in Southeast Asia and it was running on IP addresses in an Australian data centre. How about service endpoints for ADF?
Joe McGlynn commented
Folks, 2 years and no comment?
We'd love to move production, but Security won't even engage.
Need a timeline to give them or we look at another solution.
I need to whitelist DF public ip for hive access.....
Ankit Sharma commented
please add feature for accessing keyvault from ADF without whitelisting
Please provide a method of restriction access to and from ADF by IP whitelisting.
This feature request is all most 18 months old at this stage.
Torben Knerr commented
OMG, yes. If not providing a whitelistable IP address, please provide support for vNet integration or service endpoint integration for Data Factory (with Azure-hosted integration runtime for sure)!
This is sad. How can Microsoft say they are serious about security if I can't even whitelist the service trying to connect to my production DB? Should I just open access to the world? Please tell me I'm missing something.
Simon D'Morias commented
It would be really nice to see some feedback on this from Microsoft. Ideally "Working on it" - if not then some guidance other than install an IR on a VM which is nonsense solution.
Come on microsoft, please fix this. It is a security flaw to whitelist all of azure services. It is a showstopper for us at the moment.
This gets 3 votes. Incredible that Microsoft still can't provide a proper way to whitelist ADF in the Azure SQL DB without opening up to all Azure services.