Azure Bicep - Allow Azure services and resources to access this resource

Kontext Kontext event 2022-12-27 visibility 1,654
more_vert

For Azure SQL server firewall settings, there is one option to allow Azure services and resources to access the configured resource. This setting however is not available in firewall settings directly as a boolean flag. This article shows you how to enable this flag using Bicep.

Firewall template

As mentioned in Microsoft.Sql/servers/firewallRules - Bicep, ARM template & Terraform AzAPI reference, firewall rule is defined using the following template:

resource symbolicname 'Microsoft.Sql/servers/firewallRules@2022-05-01-preview' = {
  name: 'string'
  parent: resourceSymbolicName
  properties: {
    endIpAddress: 'string'
    startIpAddress: 'string'
  }
}

There is no property name that links to the flag.

Enable the flag using Bicep

There is one undocumented approach to enable this by setting the IP addresses as '0.0.0.0':

resource SQLAllowAllWindowsAzureIps 'Microsoft.Sql/servers/firewallRules@2020-11-01-preview' = {
  name: 'AllowAllWindowsAzureIps'
  parent: SQL
  properties: {
    startIpAddress: '0.0.0.0'
    endIpAddress: '0.0.0.0'
  }
}

Remember to change parent property to the symbolic reference of your Azure SQL server resource. Once you deploy this rule, the flag will be enabled.

More from Kontext
comment Comments
No comments yet.

Please log in or register to comment.

account_circle Log in person_add Register

Log in with external accounts