You’re offline. This is a read only version of the page.
For security purposes I want to look into using Service Tags as a way of limiting the IP addresses that can communicate with my on-premises instance of SQL Server housed in Azure. I want to know which Service Tags relate to connections with Power Automate, Power Apps and Power BI (and separately Excel and Access in M365 too).
There is a specific 'PowerBI' service tag, so that's easy enough. Does 'PowerPlatformInfra' cover Automate and Apps? Are there any other service tags I need to allow for the Power family?
..sadly no to figuring it out! More confused, if anything..
I've had one consultant say that the IP address presenting at Azure will be the user's device rather than some central Microsoft address - but that's the whole reason I'm trying to use Service Tags! No way can I track every potential user's IP address.
Then another has said it should be sorted out with the Gateway through which I communicate with the SQL VM.. But I can't see the Gateway has a defined IP address with which it talks to the VM.
Very lost on this, I'm afraid!
Did you ever figure this out? I have a similar issue for a customer. I did see the PowerBi service tag but that you cannot use it regionally or with firewall (which is in place in this case).
PowerBI service tag covered here:
https://learn.microsoft.com/en-us/azure/virtual-network/service-tags-overview
I did see basic setup for powerBi service tag for SQL managed instance covered here but we are using SQL on Azure VM with firewall.
Link:
https://learn.microsoft.com/en-us/power-bi/enterprise/service-premium-service-tags
Just wondering if you had any luck with it. Thanks for posting you question. It would be great if MS would explain this use case more since I feel like it effects many companies.
#1
DBO_DV
25
Super User 2025 Season 1
#2
CU09051456-0
22
#3
Michael E. Gernaey
10
Super User 2025 Season 1
Share
Report
All responses (
Answers (
