0

I have set up an Azure App Service with VNet integration and a Service Endpoint for SQL. If I go to the Azure SQL server and turn off public access, of course now the Azure hosted pipeline can't access the server.

The 2 options I can come up with so far are:

  1. White list somehow the pipeline servers ips on the SQL Server firewall, but that leaves it unnecessarily open accessible from the internet and also it's not only my pipeline that would be able to hit it.
  2. Add a pipeline agent in a vm in the vnet. But that adds costs I was hoping to avoid.

Any other alternative or best practice suggestion?

Martín La Rosa
  • 790
  • 4
  • 17

1 Answers1

0

We are using the agents in the Vnet as mentioned in your second option. The agents we create in the Vnet are creating using Azure Scale set - this gives us flexibility to reduce our agents to 0 when they are not needed to save on cost.

scorpio
  • 1,587
  • 2
  • 15
  • 27