- 필수 기능
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- 디지털 경험
- 소프트웨어 제공
- 보안
- 로그 관리
- 관리
- 인프라스트럭처
- ci
- containers
- csm
- ndm
- otel_guides
- overview
- slos
- synthetics
- tests
- 워크플로
Ensure that no PostgreSQL Databases allow ingress from 0.0.0.0/0 (ANY IP).
PostgreSQL Server includes a firewall to block access to unauthorized connections. More granular IP addresses can be defined by referencing the range of addresses available from specific datacenters.
Disabling Allow access to Azure Services will break all connections to PostgreSQL server and Hosted Databases unless custom IP specific rules are not added in Firewall Policy.
OFF
Disable default firewall rule “Allow access to Azure services”:
Remove-AzPostgreSqlFirewallRule -Name "AllowAllWindowsAzureIps" -ResourceGroupName <resource group name> -ServerName <server name>
Remove custom firewall rule:
Remove-AzPostgreSqlFirewallRule -Name <name> -ResourceGroupName <resource group name> -ServerName <server name>
Set the appropriate firewall rules:
New-AzPostgreSqlFirewallRule -Name "<rule name>" -ResourceGroupName "<resource group name>" -ServerName "<server name>" -EndIPAddress "<IP Address other than 0.0.0.0>" -StartIPAddress "<IP Address other than 0.0.0.0 or 255.255.255.255>"