Your company needs to ensure that an Azure virtual machine can connect to Azure SQL databases without exposing the databases to the internet.
What should you use?
Click on the arrows to vote for the correct answer
A. B. C. D.D
Azure Private Link enables you to access Azure PaaS Services (for example, Azure Storage and SQL Database) and Azure hosted customer-owned/partner services over a private endpoint in your virtual network.
Traffic between your virtual network and the service travels the Microsoft backbone network. Exposing your service to the public internet is no longer necessary
https://techcommunity.microsoft.com/t5/azure-database-support-blog/azure-sql-db-private-link-private-endpoint-connectivity/ba-p/1235573To allow an Azure virtual machine to connect to Azure SQL databases without exposing the databases to the internet, the appropriate solution is to use Azure Private Link.
Azure Private Link is a secure and scalable way to consume Azure services such as Azure SQL Database, Azure Storage, and Azure Data Factory. It allows you to access Azure services over a private endpoint within your virtual network, which enables you to access the services without having to go over the public internet.
Azure Private Link works by creating a private endpoint for the service you want to consume within your virtual network. The private endpoint is a private IP address within your network that serves as an entry point for the service. When you connect to the service using the private endpoint, the traffic stays within your network and does not traverse the internet, providing a more secure and performant connection.
In this scenario, to use Azure Private Link, you would need to:
By following these steps, you can ensure that the virtual machine can connect to Azure SQL databases without exposing the databases to the internet, and with the added benefit of improved performance and security.