I have a virtual machine that runs a Node.js application server, which will be connected to my MySQL database that runs in another virtual machine. Both virtual machines are created in azure.
In order to access to mysql in virtual machine from another virtual machine I have to open inbound and output port 3306
.
When I try to open the port Azure gives following warning message:
Mysql DB port 3306 is exposed to the Internet. We do not recommend exposing database ports to the Internet and suggest only exposing them to your front-end tier inside your virtual network.
I get lost, how I can only expose mysql's port 3306 only to my front-end virtual machine?
Assuming you are using NSG to do that, you have the option to only allow the communication to happen from a specific source
That way, you won't see the warning from Microsoft, because you are no longer exposing to the Internet