Azure CLI: Add/Remove IP Addresses On Azure Synapse Firewall | Build5Nines
source link: https://build5nines.com/azure-cli-add-remove-ip-addresses-on-azure-synapse-firewall/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Azure CLI: Add/Remove IP Addresses on Azure Synapse Firewall
Recently, I performed a lot of work as a Site Reliability Engineer (SRE) / DevOps Engineer on a project that utilizes Azure Synapse for a large data lake and data processing implementation. Through my duties as SRE, I needed to configure the security of Azure Synapse by adding an allow list for IP Addresses that were allowed to connect to the Azure Synapse Workspace.
The Azure CLI provides the az synapse workspace firewall-rule commands for managing the firewall configuration for Azure Synapse Workspaces. The create and delete commands within it can be used to create and delete IP Addresses from the Azure Synapse Firewall allow list respectively.
Below is a sample command for adding an IP Address range to the allow list of the Azure Synapse Workspace firewall. When adding a single IP Address, the start IP Address (aka --start-ip-address) and end IP Address (--end-ip-address) for the range will need to be set to the single IP Address being added. Otherwise, you can specify the starting and ending IP Addresses in the range.
az synapse workspace firewall-rule create \
--name <ip-address-name> \
--start-ip-address <start-ip-address-range> \
--end-ip-address <end-ip-address-range> \
--resource-group <resource-group-name> \
--workspace-name <azure-synapse-workspace-name>Also, below is a sample command for deleting (or removing) an IP Address from the Azure Synapse Workspace firewall allow list.
az synapse workspace firewall-rule delete \
--name <ip-address-name> \
--resource-group <resource-group-name> \
--workspace-name <azure-synapse-workspace-name> \
--yesIn the above Azure CLI az synapse workspace firewall-rule commands, you’ll want to set the following parameters to the appropriate values for your Azure Synapse Workspace:
--nameis the name given to the IP Address range once it’s added to the Azure Synapse Workspace firewall allow list.--resource-groupis the Azure Resource Group name where the Azure Synapse Workspace resides within Azure.--workspace-nameis the name of the Azure Synapse Workspace resource of which the firewall allow list will be managed.
Here’s an example usage of the above command to add a specific IP Address to the firewall allow list of an Azure Synapse Workspace instance:
az synapse workspace firewall-rule create \
--name "SomeMachineThatNeedsAccess" \
--start-ip-address 8.8.8.8 \
--end-ip-address 8.8.8.8 \
--resource-group "MyResourceGroup" \
--workspace-name "MySynapseWorkspace"Happing scripting!
About the Author
Chris Pietschmann
Chris Pietschmann is a Microsoft MVP (Azure & IoT) and HashiCorp Ambassador (2021) with 20+ years of experience designing and building Cloud & Enterprise systems. He has worked with companies of all sizes from startups to Fortune 100. He is also a Microsoft Certified Azure Solutions Architect and developer, a Microsoft Certified Trainer (MCT), and Cloud Advocate. He has a passion for technology and sharing what he learns with others to help enable them to learn faster and be more productive.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK