Stitch Documentation
has moved!

Please update your bookmarks to https://www.stitchdata.com/docs

If you're not automatically redirected after 5 seconds, click here.

Connecting Microsoft Azure via SSH Tunnel

In this article, we'll walk you through connecting your Microsoft Azure database to Stitch via an SSH Tunnel.

Connecting Azure is a six-step process:

  1. Retrieve the Stitch public key
  2. Configure Azure firewall settings
  3. Create a Linux user for Stitch
  4. Create an Azure user for Stitch
  5. Enter the connection info into Stitch
  6. Define the Replication Frequency
  7. Select tables and columns to sync

Retrieving the Stitch Public Key

The Public Key is used to authorize the Stitch Linux user. In the next step, we'll create the user and import the key.

To retrieve the key:

  1. On the Stitch dashboard page, click the Add an Integration button.
  2. Click the Azure icon.
  3. When the credentials page displays, click the Encryption Type menu and select the SSH Tunnel option.
  4. The Public Key will display, along with the other SSH fields.

Leave this page open throughout the tutorial - you'll need it to complete the rest of the setup.

Configuring Azure Firewall Settings

For the connection to be successful, you must configure your firewall to allow access from our IP addresses. Whitelist the following IPs before continuing onto the next step:

  • 54.88.76.97/32
  • 52.23.137.21/32
  • 52.204.223.208/32
  • 52.204.228.32/32
  • 52.204.230.227/32

In addition, make sure that the Allow access to Azure services setting is set to On.

Creating a Linux User for Stitch

Important!
If the sshd_config file associated with the server is not set to the default option, only certain users will have server access - this will prevent a successful connection to Stitch. In these cases, it's necessary to run a command like AllowUsers to allow the Stitch user access to the server.

This can be a production or slave machine, as long as it contains real-time (or frequently updated) data. You may restrict this user any way you like as long as it retains the right to connect to the Azure server.

Note that anything inside square brackets - [like this] - is something you need to define when running the commands yourself.

To create the new user, run the following commands as root on your Linux server:

adduser [stitch username] -p
mkdir /home/[stitch username]
mkdir /home/[stitch username]/.ssh

To ensure the user has access to the database, we need to import the Public Key from the first step into authorized_keys. Copy the entire key into the authorized_keys file as follows:

touch /home/[stitch username]/.ssh/authorized_keys
"< [PASTE KEY HERE] >" >> /home/[stitch username]/.ssh/authorized_keys

To finish creating the user, alter the permissions on the /home/[stitch username] directory to allow access via SSH:

chown -R [stitch username]:[stitch username] /home/[stitch username]
chmod -R 700 /home/[stitch username]/.ssh

In the next step, you'll create a database user for Stitch.

Creating an Azure User for Stitch

Important!
Azure connections require the Azure username to be in this format: 'username'@'domain'.If the username isn't in this format, you'll encounter issues.

Additionally, the entire user name (including the domain) must be entered in Stitch exactly as it's presented in Azure.

Your organization may require a different process, but the simplest way to create this user is to execute the following query when logged into Azure as a user with the right to grant privileges:

GRANT SELECT ON *.* TO '[stitch_username]'@'localhost' IDENTIFIED BY '[secure password here]';

Replace [secure password here] with a secure password, which can be different than the SSH password.

If you wish to restrict this user from accessing data in specific databases, tables, or columns, you can instead run GRANT queries that only allow access to the data you permit.

Note that if the user has access to the master database and this database is then used for authentication, you'll be able to sync all databases that the user has access to from a single Azure integration setup. If the database you're syncing isn't master, you'll only be able to sync schemas and tables within that database, meaning you'll have to set up multiple connections if you want to sync more than one database. This is due to an Azure limitation on how access is granted to Azure's sys.database views.

Entering the Connection Info into Stitch

To wrap things up, we need to enter the connection and user info into Stitch. Did you leave the Azure credentials page open? If not, click the Add an Integration button on the dashboard and then click the Azure icon. Don't forget to select the SSH Tunnel option from the Encryption Type menu.

  • Integration name: This is the name that will display on the Stitch dashboard for the integration; it’ll also be used to create the schema in your data warehouse.

    For example, the name “Azure Marketing” would create a schema called azure_marketing in the data warehouse.
  • Host: By default, this will be localhost. In general, it will be the bind-address value for your Azure server, which by default is 127.0.0.1 (localhost), but could also be some local network address (e.g. 192.168.0.1) or your server's public IP address.
  • Port: This is the Azure's port on your server (3306 by default)
  • Username: The Stitch Azure username. We recommend you copy and paste the username Azure displays to you directly into this field. Make sure the name includes the '@domain' or you'll run into connection issues.
  • Password: This is the password of the Azure Stitch user
  • Remote Address: This is the IP address or hostname of the server we will SSH into
  • SSH Port: This is the SSH port on your server (22 by default)
  • SSH User: This is the username of the Linux (SSH) Stitch user

In the next step, you'll define the integration's replication frequency and save the connection.

Defining the Replication Frequency

The Replication Frequency controls how often Stitch will attempt to replicate data from your data warehouse. By default, the frequency is set to 30 minutes, but you can change it to better suit your needs.

When you're finished, click the Save Integration button to complete the setup.

Selecting Tables and Columns to Sync

Now that your Azure database is connected to Stitch, the next step is selecting the tables and fields you want to sync.

If you're missing tables or some have a Sync Status of Unsupported, try these troubleshooting tips.

Related:

Was this article helpful?
0 out of 0 found this helpful

Comments

Questions or suggestions? If something in our documentation is unclear, let us know in the comments!