SQL Server with Azure access creation with Azure Management Libraries for .Net

Question

I create azure SQL servers using the Azure Management Libraries for .Net and I need to add a firewall rule to allow Azure Services to access the new server (like the switch in the portal). I currently create the server like this

sqlServer = Azure.SqlServers
                    .Define(serverName)
                    .WithRegion(region)
                    .WithExistingResourceGroup(resourceGroup.Name)
                    .WithAdministratorLogin(AppSettings.SqlServerAdminUser)
                    .WithAdministratorPassword(AppSettings.SqlServerAdminPassword)
                    .WithNewFirewallRule("xxx.xxx.xxx.xxx")
                    .WithNewFirewallRule("xxx.xxx.xxx.xxx", "xxx.xxx.xxx.xxx")
                    .WithNewElasticPool(poolName, elasticPoolEdition, databaseName)
                    .Create();

Is there any option I did not find to generally allow Azure services to access this SQL server?

Thank you!

score 2 · Accepted Answer · answered Aug 27 '17 at 14:38

Is there any option I did not find to generally allow Azure services to access this SQL server?

As such there's no setting at the API level for allowing Azure services to access a SQL Server. What happens behind the scenes is that when you want to set this setting through portal, a Firewall rule is created with 0.0.0.0 IP address for you.

Since 0.0.0.0 is not really an IP address, Azure API treats this as a special case to allow access to Azure services.

This is what you would need to do as well.

Please try the following code:

sqlServer = Azure.SqlServers
                    .Define(serverName)
                    .WithRegion(region)
                    .WithExistingResourceGroup(resourceGroup.Name)
                    .WithAdministratorLogin(AppSettings.SqlServerAdminUser)
                    .WithAdministratorPassword(AppSettings.SqlServerAdminPassword)
                    .WithNewFirewallRule("0.0.0.0") // Allow access to Azure Services
                    .WithNewFirewallRule("xxx.xxx.xxx.xxx", "xxx.xxx.xxx.xxx")
                    .WithNewElasticPool(poolName, elasticPoolEdition, databaseName)
                    .Create();

and you should see that your Azure services will be able to access this SQL Server.

score 0 · Answer 2 · answered Aug 27 '17 at 15:26

When you want to enable allow Azure services to access server option when you create a new Azure SQL Server, it actually creates a new firewall rule with the default name: "AllowAllWindowsAzureIp" with startIpAddress: 0.0.0.0 and endIpAddress: 0.0.0.0

I would think that based on the default firewall rule properties above it should define both startIpAddress and endIpAddress as 0.0.0.0

sqlServer = Azure.SqlServers
                    .Define(serverName)
                    .WithRegion(region)
                    .WithExistingResourceGroup(resourceGroup.Name)
                    .WithAdministratorLogin(AppSettings.SqlServerAdminUser)
                    .WithAdministratorPassword(AppSettings.SqlServerAdminPassword)
                    .WithNewFirewallRule("0.0.0.0", "0.0.0.0")
                    .WithNewElasticPool(poolName, elasticPoolEdition, databaseName)
                    .Create();

SQL Server with Azure access creation with Azure Management Libraries for .Net

2 Answers2