MySQL service firewall exposes a broad range of addresses

March 21, 2025

SYNOPSIS

Determine if there is an excessive number of permitted IP addresses.

DESCRIPTION

Typically, the number of IP address rules permitted through the firewall is minimal. Management connectivity from on-premises and connectivity from cloud applications are the most common.

RECOMMENDATION

The MySQL server has more than ten (10) public IP addresses that are permitted network access. Some rules may not be needed or can be reduced.

NOTES

This rule is only applicable for the Azure Database for MySQL Single Server deployment model.
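
The following is an added example, not the rule's own implementation, of how the count behind the recommendation can be computed from a server's firewall rules. It assumes each rule is a dictionary carrying the Azure `startIpAddress` and `endIpAddress` properties and that "public" means outside the RFC 1918 private blocks; the function names and sample rules are hypothetical.

```python
import ipaddress

# Assumption: "public" means outside the RFC 1918 private blocks.
PRIVATE_BLOCKS = [ipaddress.ip_network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
THRESHOLD = 10  # "ten (10) public IP addresses" from the recommendation

def merge(ranges):
    """Merge overlapping or adjacent (start, end) integer ranges."""
    merged = []
    for start, end in sorted(ranges):
        if merged and start <= merged[-1][1] + 1:
            merged[-1][1] = max(merged[-1][1], end)
        else:
            merged.append([start, end])
    return merged

def count_public_addresses(rules):
    """Count distinct public IPv4 addresses the rules permit."""
    ranges = []
    for rule in rules:
        start = int(ipaddress.IPv4Address(rule["startIpAddress"]))
        end = int(ipaddress.IPv4Address(rule["endIpAddress"]))
        if start > end:
            raise ValueError(f"rule {rule['name']!r}: start is after end")
        if start == end == 0:
            continue  # 0.0.0.0-0.0.0.0 marks "allow Azure services", not a range
        ranges.append((start, end))
    total = 0
    for start, end in merge(ranges):
        total += end - start + 1
        for block in PRIVATE_BLOCKS:  # subtract any overlap with private space
            lo = max(start, int(block.network_address))
            hi = min(end, int(block.broadcast_address))
            if lo <= hi:
                total -= hi - lo + 1
    return total

def exceeds_threshold(rules):
    """True when the server would be flagged by the ten-address limit."""
    return count_public_addresses(rules) > THRESHOLD

# Constructed sample rules using documentation address ranges, not real data.
SAMPLE_RULES = [
    {"name": "office", "startIpAddress": "203.0.113.10", "endIpAddress": "203.0.113.14"},
    {"name": "overlap", "startIpAddress": "203.0.113.12", "endIpAddress": "203.0.113.17"},
    {"name": "vnet", "startIpAddress": "10.0.0.0", "endIpAddress": "10.0.0.255"},
    {"name": "azure", "startIpAddress": "0.0.0.0", "endIpAddress": "0.0.0.0"},
    {"name": "partner", "startIpAddress": "198.51.100.1", "endIpAddress": "198.51.100.4"},
]
```

Merging ranges before counting keeps overlapping rules from inflating the total, so the result reflects the addresses actually exposed rather than the number of rules.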