Azure Function cannot access SQL database hosted on Azure VM

Question

I have an Azure Function with a Consumption plan and an Azure VM with a Network Security Group attached.

I want the Azure Function to call the database, but the connection to SQL cannot be established.

I've tried to allow access to Azure Function to NSG as follows:

1. Copy Outbound IP addresses from: Function App -> Networking -> Outbound Traffic -> Outbound addresses
2. Go to Virtual Machine -> Networking -> Add inbound port rule:
   • Source: IP Addresses
   • Source IP addresses: outbound function IP addresses
   • Source port ranges: *
   • Destination: Any
   • Service: MS SQL
   • Destination port ranges: 1433 (autocompleted)
   • Protocol: TCP (autocompleted)
   • Action: Allow

But the function still cannot establish a connection to the database.

I'm pretty sure that the issue is related to the Network Security Group because it works if I'm trying to connect to another Azure SQL DB that doesn't have an NSG, but I cannot figure out what's the problem and how to solve it.

Edited: What I've forgot to mention is that the Azure Function and the VM are in different tenants

Answer 1

in Consumption plan there is no fixed IP range. Your Function could be calling from pretty much anywhere. You would need to use Premium Functions with VNet integration. Then your Function can call your VM via a private connection, without even exposing your SQL server to the internet.