Feb 13 2022 09:31 AM
Hello,
I didn't find a way to find all the Azure "SQL Server" objects that has their check box of "Deny public network access" in the Firewall section - disabled.
I also tried the "Azure Resource Graph Explorer", https://portal.azure.com/#blade/HubsExtension/ArgQueryBlade, but could not find any matching object to query by.
Does anyone has an idea how can I find it?
Extra info:
Azure SQL connectivity settings
https://docs.microsoft.com/en-us/azure/azure-sql/database/connectivity-settings
Deny Public Network Access in Azure Database for MySQL using Azure portal
https://docs.microsoft.com/en-us/azure/mysql/howto-deny-public-network-access
Lesson Learned #126:Deny Public Network Access,Allow Azure Services and Private Link in SQL Database
Feb 13 2022 10:18 AM
Feb 14 2022 02:46 AM
Feb 14 2022 05:08 PM
@eitan1000Try this:
$AzureSQLServers = Get-AzSqlServer
$results = @()
ForEach ($server in $AzureSQLServers)
{
$SQLServer = Get-AzSqlServer -ServerName $server.ServerName -ResourceGroupName $server.ResourceGroupName
$results += [pscustomobject]@{
ServerName = $SQLServer.ServerName
ResourceGroup = $SQLServer.ResourceGroupName
PublicNetworkAccess = $SQLServer.PublicNetworkAccess
}
}
$results
Feb 15 2022 04:21 AM
Feb 17 2022 10:30 AM
Hi @eitan1000 ,
If you want to search across many subscriptions, you could use Azure Resource Graph query instead of PowerShell (where you need to switch / loop between subscriptions):
resources
| where ['type'] =~ 'Microsoft.Sql/servers'
| where properties['publicNetworkAccess'] == 'Enabled'