You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/postgresql/howto-hyperscale-manage-firewall-using-portal.md
+10-8Lines changed: 10 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,7 @@ ms.author: jonels
6
6
ms.service: postgresql
7
7
ms.subservice: hyperscale-citus
8
8
ms.topic: how-to
9
-
ms.date: 10/15/2021
9
+
ms.date: 11/16/2021
10
10
---
11
11
# Manage public access for Azure Database for PostgreSQL - Hyperscale (Citus)
12
12
@@ -22,28 +22,30 @@ To step through this how-to guide, you need:
22
22
## Create a server-level firewall rule in the Azure portal
23
23
24
24
> [!NOTE]
25
-
> These settings are also accessible during the creation of an Azure Database for PostgreSQL - Hyperscale (Citus) server group. Under the **Networking** tab, click**Public endpoint**.
26
-
25
+
> These settings are also accessible during the creation of an Azure Database for PostgreSQL - Hyperscale (Citus) server group. Under the **Networking** tab, select**Public access (allowed IP address)**.
2. If desired, select **Enable access to the worker nodes**. With this option, the firewall rules will allow access to all worker nodes as well as the coordinator node.
33
+
2. Select **Allow public access from Azure services and resources within Azure to this server group**.
34
+
35
+
3. If desired, select **Enable access to the worker nodes**. With this option, the firewall rules will allow access to all worker nodes as well as the coordinator node.
34
36
35
-
3. Click **Add current client IP address** to create a firewall rule with the public IP address of your computer, as perceived by the Azure system.
37
+
4. Click **Add current client IP address** to create a firewall rule with the public IP address of your computer, as perceived by the Azure system.
36
38
37
39
Alternately, clicking **+Add 0.0.0.0 - 255.255.255.255** (to the right of option B) allows not just your IP, but the whole internet to access the coordinator node's port 5432. In this situation, clients still must log in with the correct username and password to use the cluster. Nevertheless, we recommend allowing worldwide access for only short periods of time and for only non-production databases.
38
40
39
-
4. Verify your IP address before saving the configuration. In some situations, the IP address observed by Azure portal differs from the IP address used when accessing the internet and Azure servers. Thus, you may need to change the Start IP and End IP to make the rule function as expected.
41
+
5. Verify your IP address before saving the configuration. In some situations, the IP address observed by Azure portal differs from the IP address used when accessing the internet and Azure servers. Thus, you may need to change the Start IP and End IP to make the rule function as expected.
40
42
Use a search engine or other online tool to check your own IP address. For example, search for "what is my IP."
41
43
42
44
:::image type="content" source="./media/howto-hyperscale-manage-firewall-using-portal/3-what-is-my-ip.png" alt-text="Bing search for What is my IP":::
43
45
44
-
5. Add more address ranges. In the firewall rules, you can specify a single IP address or a range of addresses. If you want to limit the rule to a single IP address, type the same address in the field for Start IP and End IP. Opening the firewall enables administrators, users, and applications to access the coordinator node on port 5432.
46
+
6. Add more address ranges. In the firewall rules, you can specify a single IP address or a range of addresses. If you want to limit the rule to a single IP address, type the same address in the field for Start IP and End IP. Opening the firewall enables administrators, users, and applications to access the coordinator node on port 5432.
45
47
46
-
6. Click **Save** on the toolbar to save this server-level firewall rule. Wait for the confirmation that the update to the firewall rules was successful.
48
+
7. Click **Save** on the toolbar to save this server-level firewall rule. Wait for the confirmation that the update to the firewall rules was successful.
0 commit comments