Create and manage virtual networks for Azure Database for MySQL - Flexible Server using the Azure portal

Azure Database for MySQL Flexible Server supports two types of mutually exclusive network connectivity methods to connect to your Azure Database for MySQL Flexible Server instance. The two options are:

  • Public access (allowed IP addresses)
  • Private access (virtual network integration)

This article focuses on creation of MySQL server with Private access (VNet Integration) using Azure portal. With Private access (virtual network integration), you can deploy your Azure Database for MySQL Flexible Server instance into your own Azure Virtual Network. Azure Virtual Networks provide private and secure network communication. With private access, connections to the MySQL server are restricted to your virtual network. To learn more about it, refer to Private access (virtual network Integration).

Note

You can deploy your Azure Database for MySQL Flexible Server instance into a virtual network and subnet during server creation. After the Azure Database for MySQL Flexible Server instance is deployed, you cannot move it into another virtual network or subnet.

Prerequisites

To create an Azure Database for MySQL Flexible Server instance in a virtual network, you need:

  • A Virtual Network

    Note

    The virtual network and subnet should be in the same region and subscription as your Azure Database for MySQL Flexible Server instance.

  • To delegate a subnet to Microsoft.DBforMySQL/flexibleServers. This delegation means that only Azure Database for MySQL Flexible Server instances can use that subnet. No other Azure resource types can be in the delegated subnet.

Create an Azure Database for MySQL Flexible Server instance in an already existing virtual network

  1. Select Create a resource (+) in the upper-left corner of the portal.

  2. Select Databases > Azure Database for MySQL. You can also enter MySQL in the search box to find the service.

  3. Select Flexible server as the deployment option.

  4. Fill out the Basics form

  5. Go to the Networking tab.

  6. In the Connectivity method, select Private access (VNet Integration). Go to Virtual Network section, you can either select an already existing virtual network and Subnet that is delegated to Microsoft.DBforMySQL/flexibleServers or create a new one by selecting the create virtual network link.

    Note

    Only virtual networks and subnets in the same region and subscription will be listed in the dropdown list.
    The chosen subnet will be delegated to Microsoft.DBforMySQL/flexibleServers. It means that only Azure Database for MySQL Flexible Server instances can use that subnet.

    Screenshot of Vnet-integration.

  7. Create a new or Select an existing Private DNS Zone.

    Note

    Private DNS zone names must end with mysql.database.azure.com.
    If you do not see the option to create a new private dns zone, please enter the server name on the Basics tab.
    After the Azure Database for MySQL Flexible Server instance is deployed to a virtual network and subnet, you cannot move it to Public access (allowed IP addresses).

    Screenshot of dnsconfiguration.

  8. Select Review + create to review your Azure Database for MySQL Flexible Server configuration.

  9. Select Create to provision the server. Provisioning can take a few minutes.