This blog will show you how to create an Azure private endpoint to secure a connection to a MySQL database. Outside access to this database will not be allowed. Hence, let’s get started on the easiest way to make a private endpoint Azure SQL connection.
What Is an Azure Private Endpoint?
A private endpoint is an Azure service that enables private and secure access to Azure PaaS services. This ensures that the network traffic between a virtual network and a service travels via the Microsoft backbone within your network boundary. Therefore, a private endpoint will block Internet traffic.
Here, we create a private endpoint to the MySQL database server so the MySQL server will not be exposed to the Internet.
- An Azure account with an active subscription
How to Create a Private Endpoint Using the Azure Portal (For MySQL)
Follow these steps shown below and create a private endpoint using Azure Portal!
Step 1: Filling Basics
Step 1.1: Go to the Azure portal and search for Private Link and click Create private endpoint.
Step 1.2: Under its Project section, select Subscription and choose the Resource group.
Step 1.3: Under its Instance details section, provide Name, choose the Region, and click Next: Resource.
Step 2: Filling In the Details under The Resource Tab
Step 2.1: Under the Resource tab, select Connection method as “Connect to an Azure resource in my directory”.
Step 2.2: Choose Subscription.
Step 2.3: Select Resource Type: the resource (Microsoft.DBforMySQL/servers) we want to link to the Private endpoint.
Step 2.4: Select Resource: Choose the resource created under our resource group.
Step 2.5: Select target sub-resource (mysqlServer)
Step 2.6: Click Next: Configuration
Step 3: Configuring the Configuration Tab.
Step 3.1: Under the Configuration Tab, select virtual network.
Step 3.2: Select Subnet: you should choose the private subnet under our VNet.
Step 3.3: Select Yes on Integrate with Private DNS zone.
Step 3.4: Click Review + create.
Step 4: Final Step
Now, we can use the hostname (sysallydemodbserver.mysql.database.azure.com ) of the MySQL server in configuration files, and it will redirect the traffic through the private network.
That was all about creating a private endpoint for Azure!
At SysAlly, we experiment with Cloud and the most useful information is passed on to the world as blogs. Signup for the updates.
Until later, here’s SysAlly signing off!