loading...
Cover image for Give Azure resources access to your Azure database in ARM and Terraform templates
Octopus Deploy

Give Azure resources access to your Azure database in ARM and Terraform templates

ryanrousseau profile image Ryan Rousseau Originally published at blog.rousseau.dev ・1 min read

Sometimes when I create a new database server in Azure, I forget one step. It doesn't take long before I get connection errors, and I immediately what I missed.

I need to set the Allow Azure services and resources to access this server setting to Yes.

Allow Azure services and resources to access this server

I create most of my cloud resources with automation scripts. I want to set this value to Yes in my ARM or Terraform templates.

I used the Export Template button the Azure portal to see if I could figure out how to do this. This is what I found:

{
    "type": "Microsoft.Sql/servers/firewallRules",
    "apiVersion": "2015-05-01-preview",
    "name": "[concat(parameters('servers_demoserver_name'), '/AllowAllWindowsAzureIps')]",
    "dependsOn": [
        "[resourceId('Microsoft.Sql/servers', parameters('servers_demoserver_name'))]"
    ],
    "properties": {
        "startIpAddress": "0.0.0.0",
        "endIpAddress": "0.0.0.0"
    }
}

Yes represents a firewall rule with the starting and ending IP addresses set to 0.0.0.0.

To do the same in Terraform, use something like:

resource "azurerm_sql_firewall_rule" "AllowAllWindowsAzureIps" {
  name                = "AllowAllWindowsAzureIps"
  resource_group_name = "${azurerm_resource_group.main.name}"
  server_name         = "${azurerm_sql_server.main.name}"
  start_ip_address    = "0.0.0.0"
  end_ip_address      = "0.0.0.0"
}

There you go! Add this trick to your ARM or Terraform repertoire and avoid future connection errors.

This post was originally published at blog.rousseau.dev. Cover photo by Scott Webb on Unsplash.

Posted on Apr 30 by:

ryanrousseau profile

Ryan Rousseau

@ryanrousseau

tech, comedy, cats, mostly cats, Continuous Delivery Architect @OctopusDeploy, opinions are mine, he/him

Octopus Deploy

Deployments can be complex, risky, and scary. That means teams tend to put them off. We've helped thousands of software teams to automate their deployments, and to make deployment something teams can look forward to. 🐙

Discussion

markdown guide