@Locoxella
Created December 22, 2021 19:58
Use az cli to get private SQL server info and modify the local hosts file to reach its private IP (through a VPN, for example)
#!/usr/bin/env bash
# Use azure cli to check if the given SQL is private and add its private IP and host to hosts file
# Use the command below to download and run this script directly from this gist:
# $ curl -sL <raw gist url> | bash -s /subscriptions/<subscription>/resourceGroups/<resource group>/providers/Microsoft.Sql/servers/<SQL name>
# Use sudo to run it as superuser and let the script edit /etc/hosts file directly:
# $ curl -sL <raw gist url> | sudo bash -s /subscriptions/<subscription>/resourceGroups/<resource group>/providers/Microsoft.Sql/servers/<SQL name>
# The <raw gist url> is the url provided by the GitHub Gist raw button.
# Once you have checked the code, it's safe to run it with sudo, since the script cannot be modified for that version's raw gist url
# Check if the required commands are available
for command in az jq grep sed; do
  if ! command -v "$command" &>/dev/null; then
    printf '%s command could not be found!\n' "$command"
    missingCommands="true"
  fi
done
if [ "$missingCommands" = "true" ]; then
  exit 1
fi
# Trigger interactive local login if not logged in
az account show &>/dev/null || az login
# Check if the argument provided seems to be a valid SQL server resource id
# Each path segment must be non-empty and contain no further slashes
if ! printf '%s\n' "$1" | grep -qP '^/subscriptions/[^/]+/resourceGroups/[^/]+/providers/Microsoft\.Sql/servers/[^/]+$'; then
  printf "Please provide as a single argument a valid SQL server resource id.\n"
  printf "\nFormat: /subscriptions/[subscription ID]/resourceGroups/[resource group]/providers/Microsoft.Sql/servers/[sql name]\n"
  exit 2
fi
# Query SQL
# Values are quoted everywhere so they reach az as single arguments
subscription=$(printf '%s\n' "$1" | grep -oP '(?<=/subscriptions/).*?(?=/)')
resourceGroup=$(printf '%s\n' "$1" | grep -oP '(?<=/resourceGroups/).*?(?=/)')
name=$(printf '%s\n' "$1" | grep -oP '(?<=/providers/Microsoft\.Sql/servers/).*')
if ! sql=$(az sql server show --name "$name" --resource-group "$resourceGroup" --subscription "$subscription" --output json); then
  printf '\nSeems that SQL %s does not exist or cannot be reached.\n' "$1"
  exit 3
fi
# Check if SQL is private and not publicly accessible
# This checks the first private link connection ONLY
privateLinkUp=$(printf '%s' "$sql" | jq --raw-output '.privateEndpointConnections[0].properties.provisioningState')
if [ "$privateLinkUp" != "Ready" ]; then
  printf 'The provided SQL DOES NOT have its first private endpoint link ready\n%s\n' "$(printf '%s' "$sql" | jq --raw-output '.privateEndpointConnections[0].id')"
  exit 4
fi
isPublic=$(printf '%s' "$sql" | jq --raw-output .publicNetworkAccess)
if [ "$isPublic" != "Disabled" ]; then
  printf "WARNING: The provided SQL IS publicly accessible, therefore accessing it through private IP might not be necessary\n"
fi
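# Save required SQL info
privateFqdn=$(printf '%s' "$sql" | jq --raw-output .fullyQualifiedDomainName)
record=$(echo -n "$privateFqdn" | grep -oP '^[^\.]*')
zone="privatelink.$(echo -n "$privateFqdn" | grep -oP '(?<=\.).*')"
# The private DNS zone is looked up in the same resource group and subscription as the SQL server
echo "az network private-dns record-set a show --zone-name $zone --name $record --resource-group $resourceGroup --subscription $subscription --query 'aRecords[*].ipv4Address' --output tsv"
ipv4=$(az network private-dns record-set a show --zone-name "$zone" --name "$record" --resource-group "$resourceGroup" --subscription "$subscription" --query 'aRecords[*].ipv4Address' --output tsv)
# Stop unless the lookup returned exactly one IPv4-shaped value, so nothing malformed is written to the hosts file
if [[ ! $ipv4 =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]]; then
  printf 'Could not get a single private IPv4 address for %s from zone %s\n' "$privateFqdn" "$zone"
  exit 5
fi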
# Modify /etc/hosts to add or edit private SQL hosts
# Return custom line if hosts file is not writable
file='/etc/hosts'
fileline="$ipv4 $privateFqdn"
if [ ! -w "$file" ]; then
  printf '\nTo access this private SQL cluster through VPN add this to your hosts file (%s):\n' "$file"
  printf '\n%s\n' "$fileline"
  printf '\nRun this script as root to allow it to modify %s for you.\n' "$file"
else
  # Look for the FQDN as a fixed string, and escape its dots before using it as a sed pattern
  escapedFqdn=$(printf '%s' "$privateFqdn" | sed 's/\./\\./g')
  if grep -qF -- "$privateFqdn" "$file"; then
    sed -i "/$escapedFqdn/c\\$fileline" "$file"
  else
    echo "$fileline" >>"$file"
  fi
  printf 'Successfully added to %s:\n' "$file"
  printf '\n%s\n' "$fileline"
fi
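
A stricter take on the hosts-file step above, as an added example that is not part of the gist: it validates the address and the host name before anything is written as root, and it matches the host name as an exact field rather than as a pattern. The function names `is_ipv4` and `upsert_hosts_entry` are assumptions made for this example.

```shell
# Added example, not part of the gist. is_ipv4 and upsert_hosts_entry are
# hypothetical helper names. Runs in bash or any sh that supports "local".

# Succeed only for a dotted quad whose four octets are each 0..255.
is_ipv4() {
  local IFS=. octet
  case $1 in
    '' | *[!0-9.]* | .* | *. | *..*) return 1 ;;
  esac
  set -- $1   # split on dots; safe, the input holds only digits and dots
  [ $# -eq 4 ] || return 1
  for octet in "$@"; do
    [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
}

# upsert_hosts_entry <hosts file> <ipv4> <fqdn>
# Replaces every line that maps <fqdn> with one "<ipv4> <fqdn>" line (the
# whole line is replaced, as the gist's sed "c" command does), or appends it.
upsert_hosts_entry() {
  local file=$1 ip=$2 fqdn=$3 tmp rc=0
  is_ipv4 "$ip" || { echo "refusing to write: not an IPv4 address" >&2; return 1; }
  # Host name characters only: no whitespace, newline or '#' reaches the file.
  case $fqdn in
    '' | *[!A-Za-z0-9.-]* | .* | *. | -* | *..*)
      echo "refusing to write: invalid host name" >&2; return 1 ;;
  esac
  tmp=$(mktemp) || return 1
  awk -v ip="$ip" -v host="$fqdn" '
    {
      line = $0; sub(/#.*/, "", line)        # ignore trailing comments
      n = split(line, f, /[ \t]+/); hit = 0
      for (i = 2; i <= n; i++)               # exact, case-insensitive match
        if (tolower(f[i]) == tolower(host)) hit = 1
      if (hit) {
        if (!done) { print ip " " host; done = 1 }
        next
      }
      print
    }
    END { if (!done) print ip " " host }
  ' "$file" >"$tmp" || { rm -f "$tmp"; return 1; }
  # Overwrite in place so the file keeps its owner, mode and inode.
  cat "$tmp" >"$file" || rc=$?
  rm -f "$tmp"
  return "$rc"
}
```

Point it at a scratch copy of the hosts file first; running it twice with the same arguments leaves the file unchanged.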