This blog post was co-authored by Anitha Adusumilli, Principal Program Manager, Azure Networking.

We’re excited to share the general availability of Virtual Network (VNet) Service Endpoints for Azure SQL Data Warehouse in all Azure regions. Azure SQL Data Warehouse is a fast, flexible, and secure cloud data warehouse tuned for running complex queries fast and across petabytes of data.

VNet Service Endpoints enable you to isolate connectivity to your logical server from a given subnet or set of subnets within your virtual network. The traffic to Azure SQL Data Warehouse from your VNet will always stay within the Azure backbone network. This direct route will be preferred over any specific routes that take Internet traffic through virtual appliances or on-premises. There is no additional billing for virtual network access through service endpoints. Current pricing model for Azure SQL Data Warehouse applies as is.

With this release, we also enabled PolyBase connectivity to Azure Data Lake Storage Gen2 (ADLS) via Azure Blob File System (ABFS) driver. Azure Data Lake Storage Gen2 brings all the qualities that are required for the full lifecycle of analytics data to Azure Storage. It is the result of converging the capabilities of our two existing storage services, Azure Blob Storage, and Azure Data Lake Storage Gen1. Features from Azure Data Lake Storage Gen1 , such as file system semantics, file-level security, and scale are combined with low-cost, tiered storage, and high availability/disaster recovery capabilities fromAzure Blob Storage.
General availability of VNet Service Endpoints for Azure SQL Data Warehouse
Using Firewall rules and VNet Service Endpoints together

Turning on VNet Service Endpoints does not override Firewall rules that you have provisioned on your logical SQL Server or Azure SQL Data Warehouse. Both continue to be applicable.

VNet Service Endpoints don’t extend to on-premises. To allow access from on-premises, Firewall rules can be used to limit connectivity only to your public (NAT) IPs.

To enable VNet protection, first enable service endpoints for SQL in the VNet as follows:


General availability of VNet Service Endpoints for Azure SQL Data Warehouse

On the logical SQL Server, you can allow access to multiple subnets belonging to one or more VNets. It is also possible for you to configure Firewall rules in conjunction to your VNet rules.


General availability of VNet Service Endpoints for Azure SQL Data Warehouse
PolyBase connectivity to Azure storage account secured to VNet

With this release, we also enabled Polybase connectivity to Azure storage account secured to VNet. Please follow steps described inthis guide for enabling PolyBase import and export scenarios with Azure storage account secured to VNet.


General availability of VNet Service Endpoints for Azure SQL Data Warehouse
Turning on service endpoints for servers with pre-existing firewall rules

When you connect to your server with service endpoints turned on, the source IP of SQL connections will switch to the private IP space of your VNet. If at present, your server or database firewall rules allow specific Azure public IPs, then the connectivity will break until you allow the given VNet/subnet by specifying it in the VNet firewall rules. To ensure connectivity, you can preemptively specify VNet firewall rules before turning on service endpoints by using IgnoreMissingVNetServiceEndpoint flag.

Next steps To get started, refer to our documentation, “ Virtual Network Service Endpoints ” and “ VNet Service Endpoints and rules for Azure SQL Data Warehouse .” For more information about Azure SQL Data Warehouse security capabilities, refer to the “ Guide to enhancing privacy and addressing GDPR requirements with the Microsoft SQL platform ” from the Microsoft Trust Center , or ouronline documentation. To provision, refer to create an Azure SQL Data Warehouse document. To stay up-to-date on the latest Azure SQL Data Warehouse news and features, follow us on Twitter @AzureSQLDW . For feature requests, please vote on our UserVoice . For more information on the Azure Data Lake Storage Gen2 updates, refer to this blog .

本文系统(windows)相关术语:三级网络技术 计算机三级网络技术 网络技术基础 计算机网络技术

代码区博客精选文章
分页:12
转载请注明
本文标题:General availability of VNet Service Endpoints for Azure SQL Data Warehouse
本站链接:https://www.codesec.net/view/621300.html


1.凡CodeSecTeam转载的文章,均出自其它媒体或其他官网介绍,目的在于传递更多的信息,并不代表本站赞同其观点和其真实性负责;
2.转载的文章仅代表原创作者观点,与本站无关。其原创性以及文中陈述文字和内容未经本站证实,本站对该文以及其中全部或者部分内容、文字的真实性、完整性、及时性,不作出任何保证或承若;
3.如本站转载稿涉及版权等问题,请作者及时联系本站,我们会及时处理。
登录后可拥有收藏文章、关注作者等权限...
技术大类 技术大类 | 系统(windows) | 评论(0) | 阅读(50)