1

I've been working with Microsoft.DBforPostgreSQL/servers resource and Azure Bicep specifically using this reference. I am missing parameter to set my database accessable from Azure resouces (see the picture attached).

enter image description here

I thought publicNetworkAccess: 'Enabled' should do the trick, but it's not. Any thoughts / recommendations?

Thanks.

Thomas
  • 24,234
  • 6
  • 81
  • 125
evgeny
  • 1,039
  • 1
  • 9
  • 26

1 Answers1

3

The Allow access to Azure services setting can be scripted using a firewall rule for IP 0.0.0.0:

param serverName string

resource server 'Microsoft.DBforPostgreSQL/servers@2017-12-01' existing = {
  name: serverName
}

resource allowAllWindowsAzureIps 'Microsoft.DBforPostgreSQL/servers/firewallRules@2017-12-01' = {
  name: 'AllowAllWindowsAzureIps' // don't change the name
  parent: server
  properties: {
    endIpAddress: '0.0.0.0'
    startIpAddress: '0.0.0.0'
  }
}
Thomas
  • 24,234
  • 6
  • 81
  • 125
  • Those are not only Azure's IPs afaik, these are for anything. I use this approach to whitelist my current IP in order to use psql client from my computer and connect to the DB. But what if I want only Azure's network..? – evgeny May 30 '22 at 19:26
  • This is the equivalent to `Allow access to Azure services`. if you set this setting to false and run the bicep bicep it will set the setting back to yes. – Thomas May 30 '22 at 19:53
  • what you have probably done is whitelist from `0.0.0.0` to `255.255.255.255` = every possible ips – Thomas May 31 '22 at 06:51