Sprinto DashboardAPI Reference

How to resolve Sprinto check for protecting Azure SQL Database from public access

About

Sprinto Check: Azure SQL database should be protected from direct internet traffic

Protecting public access to your Azure SQL Database is crucial for maintaining security compliance. Sprinto guides on configuring and passing the monitor related to Azure SQL Database Public Access Protection.

Purpose

The purpose of the Sprinto check for Azure SQL Database Public Access Protection is to enforce security compliance by securing public access to your SQL database. This implementation helps you:

  • Security Compliance: Ensure that public access to your Azure SQL Database is disabled, meeting compliance requirements.

  • Data Protection: Safeguard sensitive data by preventing unauthorized access through public endpoints.

  • Sprinto Check Passing: Update the Sprinto check status to "Passing" after implementing the recommended protection measures.

Important Note

Azure automatically creates a built-in firewall rule named AllowAllWindowsAzureIps with the IP range 0.0.0.0 to 0.0.0.0.

This rule does not provide public internet access. Instead, it allows connections only from Azure services.

Sprinto recognises this rule as safe, and the monitor will continue to pass when this is the only rule present.

If your SQL Server shows the AllowAllWindowsAzureIps rule and the Sprinto check is passing, this is expected behaviour and does not indicate exposure to the public internet.

How to Implement

To resolve the Sprinto check, follow these steps within the Azure portal:

Before you Begin

  • Ensure that you have the necessary permissions to modify SQL Database settings.

  • Log in to Sprinto as an administrator.

Protection Implementation

  1. Log in to the Azure portal using your credentials.

  2. Select the SQL databases resource or use the top search bar to locate the database.

  3. Choose the respective SQL database and click Set server firewall.

  4. On Networking page, under Public tab, select Disable for Public network access.

  5. Click Save.

Once the firewall configuration is updated, Sprinto retrieves the changes and sets the Azure SQL database should be protected from direct internet traffic check status to "Passing."

For additional assistance with the Sprinto check, please get in touch with Sprinto Support.

PreviousHow to resolve Sprinto check for protecting Azure Cosmos DB Public AccessNextHow to resolve Sprinto check for restricting public access on Azure storage accounts

Last updated