Manage Access Control List for SQLServer Flex

Prerequisites

• You have created a SQLServer Flex instance.
  Check Create and manage instances for SQLServer Flex

Introduction

Access Control Lists (ACLs) in SQLServer Flex provide a simple and effective way to control network access to your database instances. Only the IP addresses or IP ranges explicitly defined by you are permitted to establish a connection. All other addresses are denied by default.

This mechanism adds an essential layer of security by ensuring that only trusted networks and systems can reach your SQLServer Flex instance. ACLs can be configured and managed through the STACKIT Portal, the CLI, Cloud Foundry, or Terraform, giving you full flexibility to integrate access control into your workflows.

Add an ACL entry

STACKIT Portal

To add a new ACL entry:

1. Open your project in the STACKIT Portal
2. Navigate to Databases > SQLServer Flex
3. Select your SQLServer Flex instance and go to the Overview page
4. Click on Edit in the General information Tab
5. Click on Add IP range
6. Enter the desired ACL IP address, including the subnet mask (e.g., 192.168.0.0/24)
7. Click on Save

STACKIT API

STACKIT API

Find the latest and most comprehensive documentation.

To add a new ACL entry:

1. Open your project in the STACKIT Portal

2. Copy the project id

3. Navigate to Databases > SQLServer Flex

4. Select your SQLServer Flex instance and go to the Overview page

5. Copy the instance id

6. The region is visible at the flavor description (-eu01)

7. Sent request to STACKIT API

     curl --request \
     PATCH 'https://mssql-flex-service.api.stackit.cloud/v2/projects/[projectId]/regions/[region of your instance]/instances/[instance id]' \
     --header 'Authorization: Bearer [Insert your short-lived or long-lived token here]'
     --data '{
         "acl": {
           "items": [
             "[add-your-ip]/32"
           ]
         }
       }'

STACKIT CLI

STACKIT CLI

Find the latest and most comprehensive documentation.

To add a new ACL entry:

1. Login to STACKIT CLI

     > stackit auth login

2. Open your project in the STACKIT Portal

3. Copy the project id from the Overview

4. Set the project id for the STACKIT CLI

     > stackit config set --project-id [project id]

5. Navigate to Databases > SQLServer Flex

6. Select your SQLServer Flex instance and go to the Overview page

7. Copy the instance id from the SQLServer Flex instance Overview

8. Update ACL entry

     > stackit sqlserverflex instance update [instance id]  --acl "[add-your-ip]/32"
   
     Are you sure you want to update instance "[instance name]"? [y/N] y
     Updating instance ✓
     Updated instance "[instance name]"

Delete an ACL entry

STACKIT Portal

To delete an ACL entry:

1. Open your project in the STACKIT Portal
2. Navigate to Databases > SQLServer Flex
3. Select your SQLServer Flex instance and go to the Overview page
4. Click on Edit in the General information Tab
5. Click on the X on the side of the ACL entry you want to delete
6. Click on Save

STACKIT API

STACKIT API

Find the latest and most comprehensive documentation.

To delete an ACL entry:

The STACKIT API currently does not provide an ACL endpoint; therefore, it is not possible to delete ACLs via the API.

STACKIT CLI

STACKIT CLI

Find the latest and most comprehensive documentation.

To delete an ACL entry:

The STACKIT CLI currently does not provide an ACL deletion; therefore, it is not possible to delete ACLs via the API.