1π
β
In Classic (ASM) mode, the Cloud Service is the network security boundary and the Endpoints with ACLs are used to restrict access from the outside Internet.
A simple solution to secure access would be:
- Ensure that the the DB port (5432) is removed from the cloud service endpoint (to avoid exposing it for the entire Internet).
- Get at static private IP address for the DB server.
- Use the private IP address of
the DB server in the connection string. - Keep the servers in the same Cloud Service.
You can find detailed instructions here:
This should work. But for future implementations, I would recommend the more modern Azure Resource Model (ARM), where you can benefit from many nice new features, including virtual networks (VNETs) where you get more fine-grained security.
π€Styglas
Source:stackexchange.com