Configuring Firewall
SkySQL services are firewall-protected.
Access to MariaDB SkySQL services is managed on a per-service basis.
IPv4 addresses and IPv4 netblocks can be added to the allowlist to enable service access. Access from other addresses will be blocked.
Default
By default, when a service is launched its allowlist is empty. All external traffic to the service is blocked.
Secure Access Configuration
To modify Secure Access settings:
- Log in to the Portal.
- Click the "Settings" link in the main menu (left navigation in the Portal).
- Click the "Secure Access" button.
Secure Access settings.
https://skysql.mariadb.com/settings/secure-access
Alternatively, you can access firewall settings for a specific service by clicking on the "MANAGE" button for the desired service, then choose "Security access" from the menu.
Whitelist dialog.
https://skysql.mariadb.com/dashboard
Add to the Allowlist
IP addresses can be added to the allowlist from the Firewall settings interface or a service's Security Access interface:
- Enter an IPv4 address or IPv4 netblock.
- Optionally enter an alias for this address. An alias provides a way to remember why an address was added to the allowlist.
- Click the "Save" button.
After saving the change, a notification will be provided when the change has been applied.
Remove from the Allowlist
IP addresses can be removed from the allowlist from the Firewall settings interface or a service's Security Access interface:
- Click the "X" button to the right of the entry to remove.
- Click the "Save" button.
After saving the change, a notification will be provided when the change has been applied.
Edit an Allowlist Entry
An allowlist entry can be edited from the Firewall settings interface or a service's Security Access interface:
- Modify the IP address or alias of the desired allowlist entry.
- Click the "Save" button.
After saving the change, a notification will be provided when the change has been applied.