Azure Postgres and Data Factory - Firewall Rules

439 views Asked by At

I have an Azure Postgres database, and am looking to query it in an Azure Data Factory pipeline. When I go to add the database as a linked service, I see it fails as the IP address is not whitelisted. Looking at https://learn.microsoft.com/en-us/azure/virtual-network/service-tags-overview#discover-service-tags-by-using-downloadable-json-files , I see that there's a whole lot of IPs in the region for Sql. I was wondering if there's some other way to allow Data Factory to read from the postgres database without enabling the button that allows all subscriptions (not even mine) network access to the database. Ideally, I'd like to say "allow all connections from this azure subscription". Is this doable?

1

There are 1 answers

10
Leon Yue On BEST ANSWER

You could try add the access role for the Data Factory: enter image description here

Grant the Data Factory one of bellow roles:

  • Contributor: Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC.
  • Reader: View all resources, but does not allow you to make any changes.

usually, there are only the tree ways to control the access: 1. add IP roles, 2. Allow access Azure. 3.Access control(IAM). If the IAM doesn't work, we only can add the IP or allow access from Azure.

For all the Azure Database(as I know), the only thing we can set to achieve your request is "Allow access to Azure Service":

enter image description here

HTH.