
I have a Java process inside a Docker container inside an Azure Batch Task.

The Java process is trying to simply establish a JDBC database connection to the Azure Database for MySQL service.

The connection error includes 'Client with IP address '52.224..(etc)' is not allowed to connect to this MySQL server.'

Therefore, I am attempting to learn how to give Azure Batch tasks the ability to connect to Azure Database for MySQL. I cannot find any documentation that seems to address this challenge.

I can see that Azure Database for MySQL contains IP-based firewall settings - but do not know how this would be used to allow access from Azure Batch tasks. Since Azure Batch procures the Virtual Machine - I will have no idea what the IP address is ahead of time in order to add it to database firewall rules. I also don't want to add a range of IP addresses that gives other Azure accounts connectivity to this database.

In AWS, this problem is handled with role-based access to the database. Each AWS Batch instance is assignable to a role with access to whatever AWS resources it needs.

I have found no helpful documentation to solve this problem with Azure Batch in a similar way and MS Support has not been helpful - providing me a list of all possible Azure IP addresses - presumably to add to our firewall rules (impractical and insecure).

Thanks in advance for any help!

Oozman

2 Answers


There are two ways to accomplish this:

  1. The most straightforward way is to use a virtual network service endpoint for the MySQL DB (example via Azure Portal) and use the same virtual network (typically in a different subnet) for the Azure Batch Pool Compute Nodes.
  2. You can bring your own ARM-based Public IP addresses for an Azure Batch Pool and use those Public IP Addresses within the IP filtering/ACLs on the MySQL DB.

fpark

In Azure Portal, I created a Private Endpoint Connection for the database, which includes assignment of a private IP address. Azure Batch configuration can then reference the private IP of the database in the JDBC connection - assuming the Batch Pool is referencing the same subnet.

https://learn.microsoft.com/en-us/azure/private-link/private-endpoint-dns

Oozman
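
An added example, not part of either answer: a preflight check a Batch task could run before opening the JDBC connection, confirming that the database host in the JDBC URL is, or resolves to, an address inside the pool's virtual network rather than the server's public endpoint. The function names, the JDBC URL and the `10.0.0.0/16` range are constructed placeholders.

```python
"""Preflight check for a Batch task: does the JDBC host sit inside the VNet?"""
import ipaddress
import socket
from urllib.parse import urlsplit


def jdbc_host_port(jdbc_url, default_port=3306):
    """Extract (host, port) from a jdbc:mysql://host[:port]/db?opts URL."""
    if not jdbc_url.startswith("jdbc:mysql://"):
        raise ValueError("not a jdbc:mysql URL")
    parts = urlsplit(jdbc_url[len("jdbc:"):])
    if not parts.hostname:
        raise ValueError("no host in JDBC URL")
    return parts.hostname, parts.port or default_port


def system_resolver(host, port):
    """Resolve with the node's own DNS settings, as the JDBC driver would."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def check_private_route(jdbc_url, vnet_cidr, resolve=system_resolver):
    """Return (ok, addresses); ok only if every address is inside vnet_cidr."""
    host, port = jdbc_host_port(jdbc_url)
    network = ipaddress.ip_network(vnet_cidr)
    try:
        # A literal IP in the URL needs no DNS lookup.
        addresses = [str(ipaddress.ip_address(host))]
    except ValueError:
        addresses = resolve(host, port)
    # One public address is enough to fail: the driver may pick any of them.
    ok = bool(addresses) and all(
        ipaddress.ip_address(a) in network for a in addresses
    )
    return ok, addresses


if __name__ == "__main__":
    # Constructed sample values: placeholder private IP, database and VNet range.
    url = "jdbc:mysql://10.0.1.5:3306/appdb?useSSL=true"
    ok, addrs = check_private_route(url, "10.0.0.0/16")
    print("private route" if ok else "PUBLIC route", addrs)
```

If the check fails for a hostname, the node is still resolving the server's public name, which is the case the linked private endpoint DNS page covers.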