Configure Azure Database Quickstart

This guide will walk you through the essential steps to configure your Azure Database for PostgreSQL or MySQL instance for common use cases.

Step 1: Create or Select Your Azure Database Instance

Before configuring, ensure you have an existing Azure Database instance or create a new one. You can do this through the Azure portal, Azure CLI, or Azure PowerShell.

Azure Portal: Navigate to your database service (e.g., Azure Database for PostgreSQL), click "Create resource," and follow the prompts.
Azure CLI: Use commands like az postgres create or az mysql create.

Key configuration parameters during creation include server name, admin login, password, region, and pricing tier.

Step 2: Configure Firewall Rules

By default, Azure Database instances are protected by firewalls. You need to add rules to allow connections from your client applications or IP addresses.

In the Azure portal, navigate to your database server resource.
Under "Security," click on Firewall rules.
Click "Add firewall rule."
Provide a name for the rule (e.g., "MyAppServerAccess").
Specify the Start IP and End IP addresses. To allow access from your current IP, click "Add your current client IP address."
Optionally, enable "Allow access to Azure services" if your application runs within Azure and needs to connect.
Click "Save."

Important: Be restrictive with firewall rules. Avoid allowing access from 0.0.0.0 to 255.255.255.255 in production environments.

Step 3: Set Up Connection Security (SSL/TLS)

For secure communication, it's crucial to enforce SSL/TLS connections to your database.

In your database server resource in the Azure portal, navigate to Connection security under "Settings."
Ensure "Enforce SSL connection" is set to Yes.
Download the SSL certificate file (e.g., BaltimoreCyberTrustRoot.pem.txt or similar) provided on this page. You'll need this for your application to verify the server's identity.

Your application connection string should typically include a parameter to use SSL, such as sslmode=require for PostgreSQL or ssl-ca=path/to/certificate.pem for MySQL.

Note: The exact SSL certificate file name and format might vary slightly depending on the Azure Database service and region. Always refer to the official Azure documentation for the most up-to-date information.

Step 4: Configure Database Parameters

Azure Database services offer various server parameters that can be tuned for performance and behavior. Common parameters include memory allocation, query optimization settings, and character sets.

In your database server resource, go to Server parameters under "Settings."
You can search for specific parameters (e.g., max_connections, innodb_buffer_pool_size).
Modify values as needed. Some parameters require a server restart to take effect.

Tip: Start with default parameters and tune based on your application's workload and performance monitoring. Avoid changing parameters unless you understand their impact.

Step 5: Connectivity Testing

After configuring firewall rules and security, test your connection from your application environment.

Using a client tool (e.g., psql, mysql client):

# For PostgreSQL
psql "sslmode=require host=.postgres.database.azure.com port=5432 dbname= user=@ password= sslrootcert=path/to/your/certificate.pem"

# For MySQL
mysql -h <your-server-name>.mysql.database.azure.com -u <your-admin-login>@<your-server-name> -p --ssl-ca=path/to/your/certificate.pem <your-db-name>

From your application code: Ensure your connection string or configuration uses the correct host, port, username, password, database name, and SSL parameters.

Congratulations! You have successfully configured your Azure Database for a secure and accessible setup. Explore the Azure portal for more advanced configurations like replication, backups, and monitoring.

Explore More Database Features