Hey everyone! My small startup team needs to access a development instance of an Azure SQL database, but managing the IP list in the firewall settings has become a hassle. We have some Azure knowledge to run our web apps, but none of us are Azure experts. I've tried looking into alternatives and found terms like Bastion, P2S, and private networks in various tutorials, but they're all a bit confusing and don't quite fit our needs. Previously, we used Putty with OpenSSH to connect to our on-prem server and then access SQL via a local port, so I'm hoping to find something similarly straightforward for Azure SQL. Any pointers to tutorials or resources that suit our situation would be awesome!
2 Answers
Using a VPN might seem overkill, but it’s actually a common and affordable solution for connecting to Azure SQL safely. My team uses P2S VPN and it costs us around £100 last month. There are cheaper plans too, but keep in mind that security is essential with Azure resources. Also, if security is a priority, consider sticking with a provider that offers a static public IP for everyone to connect through. Just something to think about!
Good point about the basic SKU being deprecated. Staying updated is crucial when working with Azure!
One of the setups we've got for the dev environment involves an Azure SQL instance with a private link in our VNet. We use a lightweight Tailscale bastion VM for under $10/month, allowing our developers to connect directly via the tailnet to Azure SQL. For more sensitive environments, we need to set up a SOCKS5 proxy to make sure our database stays protected, which is pretty straightforward. This way, you manage costs, while keeping everything secure.
Using Tailscale instead of the Azure Gateway sounds smart! Less hassle and lower costs!
That's true! I think running a full VM for every user is more than needed, but a P2S setup is a solid option.