azure managed grafana connection with private azure resources not working

Aruna Kumbhar 20 Reputation points
2024-09-18T10:34:54.3066667+00:00

We are using azure sql vm internally in private network and azure managed grafana on private endpoint. We would like to display data from sql to azure managed grafana. We observed that the connection works only if the sql vm is on public network.

How can we access private azure sql from azure managed grafana?

Do we need to setup both azure sql and azure managed grafana on public network? Or can we connect both with private network and private IPs?

Azure SQL Database
Azure Managed Grafana
Azure Managed Grafana
An Azure service used to deploy Grafana dashboards for analytics and monitoring solutions.
109 questions
{count} votes

Accepted answer
  1. Vinodh247 23,111 Reputation points MVP
    2024-09-18T14:30:42.4033333+00:00

    Hi ,

    Thanks for reaching out to Microsoft Q&A.

    You can connect Azure Managed Grafana to a private Azure SQL VM without needing to expose either resource to the public network by setting up both on a private network and using private IPs Here’s how you can achieve that:

    • Ensure both Azure Managed Grafana and Azure SQL VM are deployed in the same virtual network (VNet) or connected via VNet peering.
    • Set up private endpoints for both services. Azure Managed Grafana should have a private endpoint within the same VNet where the Azure SQL VM resides or a peered VNet.
    • Configure appropriate NSG rules to allow traffic between the Azure Managed Grafana private endpoint and the Azure SQL VM private IP. Ensure there are no rules blocking internal traffic within the VNet or between peered VNets.
    • Ensure private DNS resolution is properly configured. This might require linking a Private DNS Zone to the VNet that resolves the private IP address of the Azure SQL VM. If necessary, configure the DNS settings in Azure Managed Grafana to resolve the SQL VM’s private IP address.
    • Update the firewall rules of your SQL VM to allow traffic from the private IP of the Azure Managed Grafana or the virtual network range.
    • Ensure the authentication method (ex: Managed Identity, SQL auth) is supported for connections over private endpoints.

    By following these steps, you can maintain both resources on private networks without needing to expose them to the public internet while still allowing Azure Managed Grafana to access and display data from your SQL VM.

    Please 'Upvote'(Thumbs-up) and 'Accept' as an answer if the reply was helpful. This will benefit other community members who face the same issue.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.