Forum Discussion
Findings all Azure SQL Servers with "Deny public network access" disabled
Hello, I didn't find a way to find all the Azure "SQL Server" objects that has their check box of "Deny public network access" in the Firewall section - disabled. I also tried the "Azure Reso...
Take a look at this Azure Policy:
Configure Azure SQL Server to disable public network access:
https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F28b0b1e5-17ba-4963-a7a4-5a1ab4400a0b
You should be able to also use:
# Get the Public Network Access property
(Get-AzSqlServer -ServerName sql-server-name -ResourceGroupName sql-server-group).PublicNetworkAccess
https://docs.microsoft.com/en-us/azure/azure-sql/database/connectivity-settings#change-public-network-access-via-powershell
Configure Azure SQL Server to disable public network access:
https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F28b0b1e5-17ba-4963-a7a4-5a1ab4400a0b
You should be able to also use:
# Get the Public Network Access property
(Get-AzSqlServer -ServerName sql-server-name -ResourceGroupName sql-server-group).PublicNetworkAccess
https://docs.microsoft.com/en-us/azure/azure-sql/database/connectivity-settings#change-public-network-access-via-powershell
- Thank you very much Luke, your links looks really helpful.
Still, I need a way to inventory the current status of this check box across our tenant - is there a way to do it?eitan1000Try this:
$AzureSQLServers = Get-AzSqlServer $results = @() ForEach ($server in $AzureSQLServers) { $SQLServer = Get-AzSqlServer -ServerName $server.ServerName -ResourceGroupName $server.ResourceGroupName $results += [pscustomobject]@{ ServerName = $SQLServer.ServerName ResourceGroup = $SQLServer.ResourceGroupName PublicNetworkAccess = $SQLServer.PublicNetworkAccess } } $results- Thank very very much!!!
