Firewall Option: Auto-enable other Azure Services
As known from the MS SQL Database service, there should be an option to enable other Azure Services (e.g. Web Apps) to connect the database without white-listing every single IP.
‘Allow access to Azure services’ parameter is now available in the ‘Connection security’ blade of your Azure Database for PostgreSQL instances. Thank you very much for your patience!
Nik on behalf of Azure Database for PostgreSQL team
James Woodley commented
This is a very urgent need. Please get this implemented asap
Saloni Sonpal commented
Steven, "Allow azure services to access server" is a feature that is planned for GA and we hope to have it available soon.
Steven Livingstone-Perez commented
You need to add the IP addresses of client VMs to the Postgres security firewall list. Therefore you need to assign public static ip's to every VM because the default dynamic public ip can change and so you get blocked.
This is a pain for VMs that (a) don't need a public IP and (b) it becomes a bit of a pain to have to do this every time you scale up/down a VM.
I'd imagine it presents similar issues with Service Fabric clients , Azure functions and so on (i haven't - yet - looked at this in detail).
Essentially i'd like it like SQL Azure where it trusts Azure sourced traffic at least at the firewall level.
Wayne Massey commented
I second this
Nico Ploner commented
It would be great to have the same switch as with SQL Azure: 'Allow access to Azure services'
Short way to allow access for virtual machines in certain resource group. Instead of specifying ip-addresses.