Blog Post
Improved Connectivity Types in Azure SQL Managed Instance
Hey pwlodek! This is an Azure SQL feature available for network-injected endpoints, so managed instances only. SQL DB inbound is, as you know, via single-IP public or private endpoints and would require a different approach.
If you care to detail the issues you have with those 11xxx ports on SQL DB, I'm listening!
Please imagine the facial expression on my security architect's face when he heard I have to open ports 1433-65535 on a VNET to allow clients to connect to Azure SQL database (with a private endpoint). Do you think this will ever get addressed? And that is not only the VNET, right? Picture a hybrid scenario where clients from on prem connect as well: all these ports have to be open on the firewall that sits between on prem and the cloud.
- ZoranRilak (Microsoft), Nov 04, 2025
This is something that's been on our backlog for a while. I can't positively say that it will get addressed at any concrete point in time, but I'm noting your feedback and will carry it forward as we consider the next batches of improvements. One thing's for sure – single-IP, single-port redirect will require quite a bit of creative wrangling, or else some kind of rearchitecting of the system so multiple endpoints are still reachable (this is the bit that multiple open ports are addressing today). That's why I can't be any more specific. Still, I appreciate your feedback, pwlodek, and thank you for taking the time to voice it!