How to enable "Allow Azure services and resources to access this server" through PowerShell (Azure CLI)?

Question

After creating a new Azure SQL server using az sql server create, how can I enable the following options through PowerShell(Azure CLI)?

Answer 1

az sql server firewall-rule create --resource-group <resource group name> --server <azure sql name> -n <any name> --start-ip-address 0.0.0.0 --end-ip-address 0.0.0

this command will open up the server for all the world. From a security perspective, it is not ok. But the question was in opening the server just for Azure services.

Answer 2

Just came across this and I believe it's doable via the following script now...

New-AzSqlServerFirewallRule -ResourceGroupName <ResourceGroup> -ServerName <SQLServerName> -AllowAllAzureIPs

Answer 3

Just add a new rule with specific name (AllowAllWindowsAzureIps);

New-AzSqlServerFirewallRule -ResourceGroupName <resourceGroup> -ServerName <serverName> -FirewallRuleName "AllowAllWindowsAzureIps" -StartIpAddress "0.0.0.0" -EndIpAddress "0.0.0.0"

Answer 4

my small contribution here.

the below az command with the respective group and sqlservername sets "Allow Azure services and resources to access this server" to Yes

az sql server firewall-rule create -g -s -n AllowAllWindowsAzureIps --start-ip-address 0.0.0.0 --end-ip-address 0.0.0.0

Answer 5

To expand on Scott answer, the equivalent way to do this in the Azure PowerShell module is:

New-AzSqlServerFirewallRule -FirewallRuleName <fw-rule-name> -StartIpAddress '0.0.0.0' -EndIpAddress '0.0.0.0' -ServerName <sql-server-name> -ResourceGroupName <resource-group-name>

Answer 6

It's in the documentation for Azure SQL somewhere, if you search for "azure sql firewall allow azure services", but here's what you need to do - create a rule with a start and end address of 0.0.0.0, like this:

az sql server firewall-rule create --resource-group <resource group name> --server <azure sql name> -n <any name> --start-ip-address 0.0.0.0 --end-ip-address 0.0.0.0