ARM Template Snippet - Allow Azure Resources To Access Azure SQL Instance With This One Simple Trick!
I’m really getting into using ARM Templates to deploy Azure Resources. For those of you not ITK, and for the sake of brevity I’ll summarise in a sentence, ARM Templates are basically Infrastructure as Code. It’s all very interesting, go and have a read .
In addition to having our code in source, the ability for us to deploy our entire infrastructure from source into Azure is fantastic, because now we can run one single script to build deploy the infrastructure and the code from source, and we can all have our own personal environment in Azure. And as part of our pipeline we can push packages from builds to different environments/resource groups and be confident that we have everything we need. We have even been writing Pester tests to run post-release to verify the infrastructure is in place and that the resources are as we expect. This has greatly reduced the time it takes to fix bugs or to troubleshoot why a release has failed.
Anyway, back to the point of this blog post. As we are lucky enough to have our entire infrastructure in Azure, there’s a simple way to add a firewall exception to allow any Internal Azure resource to access your SQL Server Instance. The word “Internal” is important here: it means any resource within your VNET, not any Azure Resource ever!