Managing IP access control policies is essential for maintaining a secure Azure environment. These policies allow you to restrict access to your resources based on specific IP addresses, adding an extra layer of security to prevent unauthorized access.

To avoid disruptions when accessing your Azure Cosmos DB for MongoDB or Apache Cassandra API accounts through the Azure Portal, be sure to enable requests from the portal. This step ensures that features like Data Explorer remain accessible. Follow the instructions in this blog post to configure your IP access control policies correctly.

New Portal IP Addresses

In 2024, Azure Cosmos DB portal services transitioned to a new infrastructure. As part of this change, accounts with firewalls enabled will need to allow new IP addresses to maintain access to certain portal functionalities, such as Data Explorer. This transition also introduces dedicated IP addresses for MongoDB and Apache Cassandra API accounts.

During the transition, the ‘Allow access from Azure portal’ option adds both the current and new IP addresses to the account firewall settings, including MongoDB and Cassandra-specific addresses. Once the transition is complete, a portal option will be available to remove the old IP addresses.

How to Enable Requests from the Azure Portal?

Programmatically

When enabling an IP access control policy programmatically, ensure that the Azure portal’s IP address is included in the ipRangeFilter property. This is critical for maintaining portal functionality, such as using Azure Cosmos DB Data Explorer. Failing to add the portal IP address can lead to loss of access, preventing you from managing your data within the Azure portal.

You must add the corresponding IP address for the Azure portal based on the region of your resources. The regional IP addresses are as follows:

Portal

You can enable requests to access the Azure portal by selecting the Allow access from Azure portal option within your Cosmos DB account, as shown in the following screenshot or by following the steps below:

To set the IP access control policy in the Azure portal, follow these steps:

1. Go to your Azure Cosmos DB Account

Navigate to your Azure Cosmos DB account page.

2. Select Networking

On the navigation menu, under Settings in the left nav select Networking.

3. Change Allow Access From Value

Change the ‘Allow access from Azure Portal’ value to Selected networks.

4. Save Changes

After making the changes, select Save.

Verifying Access

After updating your IP access control policy, it is essential to verify that access to the Azure portal is functioning correctly. You can do this by attempting to access your resources through the portal and ensuring that there are no access issues, such as Data Explorer.

Conclusion

Enabling requests from the Azure portal is an essential step in maintaining access to some portal functionality, such as Cosmos DB Data Explorer. By following the steps outlined in this blog, you can ensure that your IP access control policies are configured correctly, providing both security and functionality. Learn more

Please share your feedback with us using the feedback icon within your Cosmos DB account in the Azure portal. Happy Programming!

About Azure Cosmos DB

Azure Cosmos DB is a fully managed and serverless distributed database for modern app development, with SLA-backed speed and availability, automatic and instant scalability, and support for open-source PostgreSQL, MongoDB, and Apache Cassandra. Try Azure Cosmos DB for free here. To stay in the loop on Azure Cosmos DB updates, follow us on X, YouTube, and LinkedIn.