diff --git a/azure-sql/accelerated-database-recovery.md b/azure-sql/accelerated-database-recovery.md index f6c5ee7b814..8bfee38bcec 100644 --- a/azure-sql/accelerated-database-recovery.md +++ b/azure-sql/accelerated-database-recovery.md @@ -3,13 +3,13 @@ title: Accelerated database recovery titleSuffix: Azure SQL description: Accelerated database recovery provides fast and consistent database recovery, instantaneous transaction rollback, and aggressive log truncation for databases in the Azure SQL portfolio. ms.service: sql-database -ms.subservice: high-availability +ms.subservice: backup-restore ms.custom: sqldbrb=4 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein -ms.reviewer: +author: kfarlee +ms.author: kfarlee +ms.reviewer: mathoma ms.date: 05/19/2020 --- # Accelerated Database Recovery in Azure SQL diff --git a/azure-sql/azure-hybrid-benefit.md b/azure-sql/azure-hybrid-benefit.md index 619e790acde..c594867580b 100644 --- a/azure-sql/azure-hybrid-benefit.md +++ b/azure-sql/azure-hybrid-benefit.md @@ -4,11 +4,11 @@ titleSuffix: Azure SQL Database & SQL Managed Instance description: Use existing SQL Server licenses for Azure SQL Database and SQL Managed Instance discounts. services: sql-database ms.service: sql-db-mi -ms.subservice: features +ms.subservice: service-overview ms.custom: sqldbrb=4 ms.topic: conceptual -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: sashan, moslake ms.date: 02/16/2021 --- diff --git a/azure-sql/azure-sql-iaas-vs-paas-what-is-overview.md b/azure-sql/azure-sql-iaas-vs-paas-what-is-overview.md index 461ca2d0c46..31c5cece7ca 100644 --- a/azure-sql/azure-sql-iaas-vs-paas-what-is-overview.md +++ b/azure-sql/azure-sql-iaas-vs-paas-what-is-overview.md @@ -3,13 +3,13 @@ title: "What is Azure SQL?" description: "Learn about the different options within the Azure SQL family of services: Azure SQL Database, Azure SQL Managed Instance, and SQL Server on Azure VM." services: sql-database ms.service: sql-database -ms.subservice: service +ms.subservice: service-overview ms.custom: sqldbrb=4 ms.devlang: ms.topic: overview keywords: SQL Server cloud, SQL Server in the cloud, PaaS database, cloud SQL Server, DBaaS, IaaS -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 07/27/2020 --- diff --git a/azure-sql/database/active-geo-replication-configure-portal.md b/azure-sql/database/active-geo-replication-configure-portal.md index f06661a2567..cd2c9cacf30 100644 --- a/azure-sql/database/active-geo-replication-configure-portal.md +++ b/azure-sql/database/active-geo-replication-configure-portal.md @@ -7,9 +7,9 @@ ms.subservice: high-availability ms.custom: sqldbrb=1 ms.devlang: ms.topic: tutorial -author: anosov1960 -ms.author: sashan -ms.reviewer: mathoma, sstein +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 02/13/2019 --- # Tutorial: Configure active geo-replication and failover in the Azure portal (Azure SQL Database) diff --git a/azure-sql/database/active-geo-replication-overview.md b/azure-sql/database/active-geo-replication-overview.md index 89e66637cd9..9bf4ec0b1bc 100644 --- a/azure-sql/database/active-geo-replication-overview.md +++ b/azure-sql/database/active-geo-replication-overview.md @@ -7,9 +7,9 @@ ms.subservice: high-availability ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: anosov1960 -ms.author: sashan -ms.reviewer: mathoma, sstein +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 04/28/2021 --- @@ -19,8 +19,11 @@ ms.date: 04/28/2021 Active geo-replication is an Azure SQL Database feature that allows you to create readable secondary databases of individual databases on a server in the same or different data center (region). > [!NOTE] -> Active geo-replication for Azure SQL Hyperscale [is now in public preview](https://aka.ms/hsgeodr). Current limitations include: only one geo-secondary in the same or a different region, only forced failover supported, restore database from geo-secondary not supported, using a geo-secondary as the source database for Database Copy, or as the primary for another geo-secondary is not supported. - +> Active geo-replication for Azure SQL Hyperscale is [now in public preview](https://aka.ms/hsgeodr). Current limitations include: only one geo-secondary in the same or a different region, forced and planned failover not currently supported, restore database from geo-secondary not supported, using a geo-secondary as the source database for Database Copy, or as the primary for another geo-secondary is not supported. +> In the case you need to make the geo secondary writable, you can do so by breaking the geo-replication link with the steps below: +> 1. Make the secondary database a read-write standalone database using the cmdlet [Remove-AzSqlDatabaseSecondary](/powershell/module/az.sql/remove-azsqldatabasesecondary). Any data changes committed to the primary but not yet replicated to the secondary will be lost. These changes could be recovered when the old primary is available, or in some cases by restoring the old primary to the latest available point in time. +> 2. If the old primary is available, delete it, then set up geo-replication for the new primary (a new secondary will be seeded). +> 3. Update connection strings in your application accordingly. > [!NOTE] > Active geo-replication is not supported by Azure SQL Managed Instance. For geographic failover of instances of SQL Managed Instance, use [Auto-failover groups](auto-failover-group-overview.md). diff --git a/azure-sql/database/active-geo-replication-security-configure.md b/azure-sql/database/active-geo-replication-security-configure.md index 147f0965bd5..73efea05598 100644 --- a/azure-sql/database/active-geo-replication-security-configure.md +++ b/azure-sql/database/active-geo-replication-security-configure.md @@ -7,9 +7,9 @@ ms.subservice: high-availability ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to -author: anosov1960 -ms.author: sashan -ms.reviewer: mathoma, sstein +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 12/18/2018 --- # Configure and manage Azure SQL Database security for geo-restore or failover diff --git a/azure-sql/database/adonet-v12-develop-direct-route-ports.md b/azure-sql/database/adonet-v12-develop-direct-route-ports.md index c4b6f0c3402..5284b932114 100644 --- a/azure-sql/database/adonet-v12-develop-direct-route-ports.md +++ b/azure-sql/database/adonet-v12-develop-direct-route-ports.md @@ -7,9 +7,9 @@ ms.subservice: development ms.custom: "sqldbrb=1, devx-track-dotnet" ms.devlang: ms.topic: reference -author: stevestein -ms.author: sstein -ms.reviewer: genemi +author: VanMSFT +ms.author: vanto +ms.reviewer: mathoma ms.date: 06/11/2020 --- # Ports beyond 1433 for ADO.NET 4.5 diff --git a/azure-sql/database/advance-notifications.md b/azure-sql/database/advance-notifications.md index 29191017a68..eae1e54c8de 100644 --- a/azure-sql/database/advance-notifications.md +++ b/azure-sql/database/advance-notifications.md @@ -3,13 +3,13 @@ title: Advance notifications (Preview) for planned maintenance events description: Get notification before planned maintenance for Azure SQL Database. services: sql-database ms.service: sql-db-mi -ms.subservice: service +ms.subservice: service-overview ms.custom: ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: scott-kim-sql +ms.author: scottkim +ms.reviewer: mathoma ms.date: 03/02/2021 --- # Advance notifications for planned maintenance events (Preview) diff --git a/azure-sql/database/alerts-insights-configure-portal.md b/azure-sql/database/alerts-insights-configure-portal.md index 4de540b23fc..a36f991a4e8 100644 --- a/azure-sql/database/alerts-insights-configure-portal.md +++ b/azure-sql/database/alerts-insights-configure-portal.md @@ -7,9 +7,9 @@ ms.subservice: performance ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to -author: aamalvea -ms.author: aamalvea -ms.reviewer: wiassaf, sstein +author: AlainDormehlMSFT +ms.author: aldorme +ms.reviewer: mathoma, wiassaf ms.date: 05/04/2020 --- # Create alerts for Azure SQL Database and Azure Synapse Analytics using the Azure portal diff --git a/azure-sql/database/always-encrypted-azure-key-vault-configure.md b/azure-sql/database/always-encrypted-azure-key-vault-configure.md index 9fcea2af4d6..15aa68027f1 100644 --- a/azure-sql/database/always-encrypted-azure-key-vault-configure.md +++ b/azure-sql/database/always-encrypted-azure-key-vault-configure.md @@ -5,7 +5,7 @@ keywords: data encryption, encryption key, cloud encryption services: sql-database ms.service: sql-database ms.subservice: security -ms.custom: sqldbrb=1, devx-track-azurecli +ms.custom: sqldbrb=1, devx-track-azurecli, devx-track-azurepowershell ms.devlang: ms.topic: how-to author: VanMSFT diff --git a/azure-sql/database/always-encrypted-enclaves-configure-attestation.md b/azure-sql/database/always-encrypted-enclaves-configure-attestation.md index 64a3febe024..f3f9dbb0e50 100644 --- a/azure-sql/database/always-encrypted-enclaves-configure-attestation.md +++ b/azure-sql/database/always-encrypted-enclaves-configure-attestation.md @@ -10,7 +10,8 @@ ms.topic: how-to author: jaszymas ms.author: jaszymas ms.reviwer: vanto -ms.date: 01/15/2021 +ms.date: 05/01/2021 +ms.custom: devx-track-azurepowershell --- # Configure Azure Attestation for your Azure SQL logical server @@ -26,19 +27,11 @@ To use Azure Attestation for attesting Intel SGX enclaves used for [Always Encry 1. Create an [attestation provider](../../attestation/basic-concepts.md#attestation-provider) and configure it with the recommended attestation policy. -2. Grant your Azure SQL logical server access to your attestation provider. +2. Determine the attestation URL and share it with application administrators. > [!NOTE] > Configuring attestation is the responsibility of the attestation administrator. See [Roles and responsibilities when configuring SGX enclaves and attestation](always-encrypted-enclaves-plan.md#roles-and-responsibilities-when-configuring-sgx-enclaves-and-attestation). -## Requirements - -The Azure SQL logical server and the attestation provider must belong to the same Azure Active Directory tenant. Cross-tenant interactions aren't supported. - -The Azure SQL logical server must have an Azure AD identity assigned to it. As the attestation administrator you need to obtain the Azure AD identity of the server from the Azure SQL Database administrator for that server. You will use the identity to grant the server access to the attestation provider. - -For instructions on how to create a server with an identity or assign an identity to an existing server using PowerShell and Azure CLI, see [Assign an Azure AD identity to your server](transparent-data-encryption-byok-configure.md#assign-an-azure-active-directory-azure-ad-identity-to-your-server). - ## Create and configure an attestation provider An [attestation provider](../../attestation/basic-concepts.md#attestation-provider) is a resource in Azure Attestation that evaluates [attestation requests](../../attestation/basic-concepts.md#attestation-request) against [attestation policies](../../attestation/basic-concepts.md#attestation-request) and issues [attestation tokens](../../attestation/basic-concepts.md#attestation-token). @@ -87,62 +80,21 @@ For instructions for how to create an attestation provider and configure with an ## Determine the attestation URL for your attestation policy -After you've configured an attestation policy, you need to share the attestation URL, referencing the policy, administrators of applications that use Always Encrypted with secure enclaves in Azure SQL Database. Application administrators or/and application users will need to configure their apps with the attestation URL, so that they can run statements that use secure enclaves. - -### Use PowerShell to determine the attestation URL - -Use the following script to determine your attestation URL: - -```powershell -$attestationProvider = Get-AzAttestation -Name $attestationProviderName -ResourceGroupName $attestationResourceGroupName -$attestationUrl = $attestationProvider.AttestUri + "/attest/SgxEnclave" -Write-Host "Your attestation URL is: " $attestationUrl -``` +After you've configured an attestation policy, you need to share the attestation URL with administrators of applications that use Always Encrypted with secure enclaves in Azure SQL Database. The attestation URL is the `Attest URI` of the attestation provider containing the attestation policy, which looks like this: `https://MyAttestationProvider.wus.attest.azure.net`. ### Use Azure portal to determine the attestation URL -1. In the Overview pane for your attestation provider, copy the value of the Attest URI property to clipboard. An Attest URI should look like this: `https://MyAttestationProvider.us.attest.azure.net`. - -2. Append the following to the Attest URI: `/attest/SgxEnclave`. - -The resulting attestation URL should look like this: `https://MyAttestationProvider.us.attest.azure.net/attest/SgxEnclave` - -## Grant your Azure SQL logical server access to your attestation provider +In the Overview pane for your attestation provider, copy the value of the `Attest URI` property to clipboard. -During the attestation workflow, the Azure SQL logical server containing your database calls the attestation provider to submit an attestation request. For the Azure SQL logical server to be able to submit attestation requests, the server must have a permission for the `Microsoft.Attestation/attestationProviders/attestation/read` action on the attestation provider. The recommended way to grant the permission is for the administrator of the attestation provider to assign the Azure AD identity of the server to the Attestation Reader role for the attestation provider, or its containing resource group. - -### Use Azure portal to assign permission - -To assign the identity of an Azure SQL server to the Attestation Reader role for an attestation provider, follow the general instructions in [Assign Azure roles using the Azure portal](../../role-based-access-control/role-assignments-portal.md). When you are in the **Add role assignment** pane: - -1. In the **Role** drop-down, select the **Attestation Reader** role. -1. In the **Select** field, enter the name of your Azure SQL server to search for it. - -See the below screenshot for an example. - -![attestation reader role assignment](./media/always-encrypted-enclaves/attestation-provider-role-assigment.png) - -> [!NOTE] -> For a server to show up in the **Add role assignment** pane, the server must have an Azure AD identity assigned - see [Requirements](#requirements). - -### Use PowerShell to assign permission - -1. Find your Azure SQL logical server. +### Use PowerShell to determine the attestation URL -```powershell -$serverResourceGroupName = "" -$serverName = "" -$server = Get-AzSqlServer -ServerName $serverName -ResourceGroupName $serverResourceGroupName -``` - -2. Assign the server to the Attestation Reader role for the resource group containing your attestation provider. +Use the `Get-AzAttestation` cmdlet to retrieve the attestation provider properties, including AttestURI. ```powershell -$attestationResourceGroupName = "" -New-AzRoleAssignment -ObjectId $server.Identity.PrincipalId -RoleDefinitionName "Attestation Reader" -ResourceGroupName $attestationResourceGroupName +Get-AzAttestation -Name $attestationProviderName -ResourceGroupName $attestationResourceGroupName ``` -For more information, see [Assign Azure roles using Azure PowerShell](../../role-based-access-control/role-assignments-powershell.md#assign-role-examples). +For more information, see [Create and manage an attestation provider](../../attestation/quickstart-powershell.md#create-and-manage-an-attestation-provider). ## Next Steps diff --git a/azure-sql/database/always-encrypted-enclaves-getting-started.md b/azure-sql/database/always-encrypted-enclaves-getting-started.md index a135a445ec1..fdb45373c5c 100644 --- a/azure-sql/database/always-encrypted-enclaves-getting-started.md +++ b/azure-sql/database/always-encrypted-enclaves-getting-started.md @@ -9,7 +9,7 @@ ms.topic: tutorial author: jaszymas ms.author: jaszymas ms.reviwer: vanto -ms.date: 01/15/2021 +ms.date: 05/01/2021 --- # Tutorial: Getting started with Always Encrypted with secure enclaves in Azure SQL Database @@ -26,25 +26,30 @@ This tutorial teaches you how to get started with [Always Encrypted with secure ## Prerequisites -This tutorial requires Azure PowerShell and [SSMS](/sql/ssms/download-sql-server-management-studio-ssms). +- An active Azure subscription. If you don't have one, [create a free account](https://azure.microsoft.com/free/). You need to be a member of the Contributor role or the Owner role for the subscription to be able to create resources and configure an attestation policy. + +- SQL Server Management Studio (SSMS), version 18.9.1 or later. See [Download SQL Server Management Studio (SSMS)](/sql/ssms/download-sql-server-management-studio-ssms) for information on how to download SSMS. ### PowerShell requirements -See [Overview of Azure PowerShell](/powershell/azure) for information on how to install and run Azure PowerShell. +> [!NOTE] +> The prerequisites listed in this section apply only if you choose to use PowerShell for some of the steps in this tutorial. If you plan to use Azure portal instead, you can skip this section. -Minimum version of Az modules required to support attestation operations: +Make sure the following PowerShell modules are installed on your machine. -- Az 4.5.0 -- Az.Accounts 1.9.2 -- Az.Attestation 0.1.8 +1. Az version 5.6 or later. For details on how to install the Az PowerShell module, see [Install the Azure Az PowerShell module](/powershell/azure/install-az-ps). To determine the version the Az module installed on your machine, run the following command from a PowerShell session. -Run the below command to verify the installed version of all Az modules: + ```powershell + Get-InstalledModule -Name Az + ``` -```powershell -Get-InstalledModule -``` +1. Az.Attestation 0.1.8 or later. For details on how to install the Az.Attestation PowerShell module, see [Install Az.Attestation PowerShell module](../../attestation/quickstart-powershell.md#install-azattestation-powershell-module). To determine the version the Az.Attestation module installed on your machine, run the following command from a PowerShell session. + + ```powershell + Get-InstalledModule -Name Az.Attestation + ``` -If the versions aren't matching with the minimum requirement, run the `Update-Module` command. +If the versions aren't matching with the minimum requirements, run the `Update-Module` command. The PowerShell Gallery has deprecated Transport Layer Security (TLS) versions 1.0 and 1.1. TLS 1.2 or a later version is recommended. You may receive the following errors if you are using a TLS version lower than 1.2: @@ -57,167 +62,232 @@ To continue to interact with the PowerShell Gallery, run the following command b [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ``` -### SSMS requirements +## Step 1: Create and configure a server and a DC-series database -See [Download SQL Server Management Studio (SSMS)](/sql/ssms/download-sql-server-management-studio-ssms) for information on how to download SSMS. +In this step, you will create a new Azure SQL Database logical server and a new database using the DC-series hardware generation, required for Always Encrypted with secure enclaves. For more information see [DC-series](service-tiers-vcore.md#dc-series). -The required minimum version of SSMS is 18.8. +# [Portal](#tab/azure-portal) +1. Browse to the [Select SQL deployment option](https://portal.azure.com/#create/Microsoft.AzureSQL) page. +1. If you are not already signed in to Azure portal, sign in when prompted. +1. Under **SQL databases**, leave **Resource type** set to **Single database**, and select **Create**. -## Step 1: Create and configure a server and a DC-series database + :::image type="content" source="./media/single-database-create-quickstart/select-deployment.png" alt-text="Add to Azure SQL"::: + +1. On the **Basics** tab of the **Create SQL Database** form, under **Project details**, select the desired Azure **Subscription**. +1. For **Resource group**, select **Create new**, enter a name for your resource group, and select **OK**. +1. For **Database name** enter *ContosoHR*. +1. For **Server**, select **Create new**, and fill out the **New server** form with the following values: + - **Server name**: Enter *mysqlserver*, and add some characters for uniqueness. We can't provide an exact server name to use because server names must be globally unique for all servers in Azure, not just unique within a subscription. So enter something like mysqlserver135, and the portal lets you know if it is available or not. + - **Server admin login**: Enter an admin login name, for example: *azureuser*. + - **Password**: Enter a password that meets requirements, and enter it again in the **Confirm password** field. + - **Location**: Select a location from the dropdown list. + > [!IMPORTANT] + > You need to select a location (an Azure region) that supports both the DC-series hardware generation and Microsoft Azure Attestation. For the list of regions supporting DC-series, see [DC-series availability](service-tiers-vcore.md#dc-series-1). [Here](https://azure.microsoft.com/global-infrastructure/services/?products=azure-attestation) is the regional availability of Microsoft Azure Attestation. + + Select **OK**. +1. Leave **Want to use SQL elastic pool** set to **No**. +1. Under **Compute + storage**, select **Configure database**, and click **Change configuration**. + + :::image type="content" source="./media/always-encrypted-enclaves/portal-configure-database.png" alt-text="Configure database" lightbox="./media/always-encrypted-enclaves/portal-configure-database.png"::: + +1. Select the **DC-series** hardware configuration, and then select **OK**. + + :::image type="content" source="./media/always-encrypted-enclaves/portal-configure-dc-series-database.png" alt-text="Configure DC-series database"::: -In this step, you will create a new Azure SQL Database logical server and a new database using the DC-series hardware generation, required for Always Encrypted with secure enclaves. For more information see [DC-series](service-tiers-sql-database-vcore.md#dc-series). +1. Select **Apply**. +1. Back on the **Basics** tab, verify **Compute + storage** is set to **General Purpose**, **DC, 2 vCores, 32 GB storage**. +1. Select **Next: Networking** at the bottom of the page. + + :::image type="content" source="./media/always-encrypted-enclaves/portal-configure-dc-series-database-basics.png" alt-text="Configure DC-series database - basics"::: + +1. On the **Networking** tab, for **Connectivity method**, select **Public endpoint**. +1. For **Firewall rules**, set **Add current client IP address** to **Yes**. Leave **Allow Azure services and resources to access this server** set to **No**. +1. Select **Review + create** at the bottom of the page. + + :::image type="content" source="./media/always-encrypted-enclaves/portal-configure-database-networking.png" alt-text="New SQL database - networking"::: + +1. On the **Review + create** page, after reviewing, select **Create**. + +# [PowerShell](#tab/azure-powershell) 1. Open a PowerShell console and import the required version of Az. - ```PowerShell - Import-Module "Az" -MinimumVersion "4.5.0" - ``` - -2. Sign into Azure. If needed, [switch to the subscription](/powershell/azure/manage-subscriptions-azureps) you are using for this tutorial. + ```PowerShell + Import-Module "Az" -MinimumVersion "5.6.0" + ``` + +1. Sign into Azure. If needed, [switch to the subscription](/powershell/azure/manage-subscriptions-azureps) you are using for this tutorial. - ```PowerShell - Connect-AzAccount - $subscriptionId = "" - Set-AzContext -Subscription $subscriptionId - ``` + ```PowerShell + Connect-AzAccount + $subscriptionId = "" + Set-AzContext -Subscription $subscriptionId + ``` -3. Create a new resource group. +1. Create a new resource group. - > [!IMPORTANT] - > You need to create your resource group in a region (location) that supports both the DC-series hardware generation and Microsoft Azure Attestation. For the list of regions supporting DC-series, see [DC-series availability](service-tiers-sql-database-vcore.md#dc-series-1). [Here](https://azure.microsoft.com/global-infrastructure/services/?products=azure-attestation) is the regional availability of Microsoft Azure Attestation. + > [!IMPORTANT] + > You need to create your resource group in a region (location) that supports both the DC-series hardware generation and Microsoft Azure Attestation. For the list of regions supporting DC-series, see [DC-series availability](service-tiers-vcore.md#dc-series-1). [Here](https://azure.microsoft.com/global-infrastructure/services/?products=azure-attestation) is the regional availability of Microsoft Azure Attestation. - ```powershell - $resourceGroupName = "" - $location = "" - New-AzResourceGroup -Name $resourceGroupName -Location $location - ``` + ```powershell + $resourceGroupName = "" + $location = "" + New-AzResourceGroup -Name $resourceGroupName -Location $location + ``` -4. Create an Azure SQL logical server. When prompted, enter the server administrator name and a password. Make sure you remember the admin name and the password - you will need them later to connect to the server. +1. Create an Azure SQL logical server. When prompted, enter the server administrator name and a password. Make sure you remember the admin name and the password - you will need them later to connect to the server. - ```powershell - $serverName = "" - New-AzSqlServer -ServerName $serverName -ResourceGroupName $resourceGroupName -Location $location - ``` + ```powershell + $serverName = "" + New-AzSqlServer -ServerName $serverName -ResourceGroupName $resourceGroupName -Location $location + ``` -5. Create a server firewall rule that allows access from the specified IP range. +1. Create a server firewall rule that allows access from the specified IP range. - ```powershell - $startIp = "" - $endIp = "" - $serverFirewallRule = New-AzSqlServerFirewallRule -ResourceGroupName $resourceGroupName ` + ```powershell + $startIp = "" + $endIp = "" + $serverFirewallRule = New-AzSqlServerFirewallRule -ResourceGroupName $resourceGroupName ` -ServerName $serverName ` -FirewallRuleName "AllowedIPs" -StartIpAddress $startIp -EndIpAddress $endIp - ``` + ``` -6. Assign a managed system identity to your server. +1. Create a DC-series database. - ```PowerShell - $server = Set-AzSqlServer -ServerName $serverName -ResourceGroupName $resourceGroupName -AssignIdentity - $serverObjectId = $server.Identity.PrincipalId - ``` - -7. Create a DC-series database. - - ```powershell - $databaseName = "ContosoHR" - $edition = "GeneralPurpose" - $vCore = 2 - $generation = "DC" - New-AzSqlDatabase -ResourceGroupName $resourceGroupName ` + ```powershell + $databaseName = "ContosoHR" + $edition = "GeneralPurpose" + $vCore = 2 + $generation = "DC" + New-AzSqlDatabase -ResourceGroupName $resourceGroupName ` -ServerName $serverName ` -DatabaseName $databaseName ` -Edition $edition ` -Vcore $vCore ` -ComputeGeneration $generation - ``` + ``` -8. Retrieve and save the information about your server and the database. You will need this information, as well as the admin name and the password from step 4 in this section, in later sections. +--- - ```powershell - Write-Host - Write-Host "Fully qualified server name: $($server.FullyQualifiedDomainName)" - Write-Host "Server Object Id: $serverObjectId" - Write-Host "Database name: $databaseName" - ``` - -## Step 2: Configure an attestation provider +## Step 2: Configure an attestation provider + +In this step, you'll create and configure an attestation provider in Microsoft Azure Attestation. This is needed to attest the secure enclave your database uses. + +# [Portal](#tab/azure-portal) + +1. Browse to the [Create attestation provider](https://ms.portal.azure.com/#create/Microsoft.Attestation) page. +1. On the **Create attestation provider** page, provide the following inputs: -In this step, You'll create and configure an attestation provider in Microsoft Azure Attestation. This is needed to attest the secure enclave your database uses. + - **Subscription**: Choose the same subscription you created the Azure SQL logical server in. + - **Resource Group**: Choose the same resource group you created the Azure SQL logical server in. + - **Name**: Enter *myattestprovider*, and add some characters for uniqueness. We can't provide an exact attestation provider name to use because names must be globally unique. So enter something like myattestprovider12345, and the portal lets you know if it is available or not. + - **Location**: Choose the location, in which you created the Azure SQL logical server in. + - **Policy signer certificates file**: Leave this field empty, as you will configure an unsigned policy. + +1. After you provide the required inputs, select **Review + create**. + + :::image type="content" source="./media/always-encrypted-enclaves/portal-create-attestation-provider-basics.png" alt-text="Create attestation provider"::: + +1. Select **Create**. +1. Once the attestation provider is created, click **Go to resource**. +1. On the **Overview** tab for the attestation provider, copy the value of the **Attest URI** property to clipboard and save it in a file. This is the attestation URL, you will need in later steps. + + :::image type="content" source="./media/always-encrypted-enclaves/portal-attest-uri.png" alt-text="Attestation URL"::: + +1. Select **Policy** on the resource menu on the left side of the window or on the lower pane. +1. Set **Attestation Type** to **SGX-IntelSDK**. +1. Select **Configure** on the upper menu. + + :::image type="content" source="./media/always-encrypted-enclaves/portal-configure-attestation-policy.png" alt-text="Configure attestation policy"::: + +1. Set **Policy Format** to **Text**. Leave **Policy options** set to **Enter policy**. +1. In the **Policy text** field, replace the default policy with the below policy. For information about the below policy, see [Create and configure an attestation provider](always-encrypted-enclaves-configure-attestation.md#create-and-configure-an-attestation-provider). + + ```output + version= 1.0; + authorizationrules + { + [ type=="x-ms-sgx-is-debuggable", value==false ] + && [ type=="x-ms-sgx-product-id", value==4639 ] + && [ type=="x-ms-sgx-svn", value>= 0 ] + && [ type=="x-ms-sgx-mrsigner", value=="e31c9e505f37a58de09335075fc8591254313eb20bb1a27e5443cc450b6e33e5"] + => permit(); + }; + ``` + +1. Click **Save**. + + :::image type="content" source="./media/always-encrypted-enclaves/portal-edit-attestation-policy.png" alt-text="Edit attestation policy"::: + +1. Click **Refresh** on the upper menu to view the configured policy. + +# [PowerShell](#tab/azure-powershell) 1. Copy the below attestation policy and save the policy in a text file (txt). For information about the below policy, see [Create and configure an attestation provider](always-encrypted-enclaves-configure-attestation.md#create-and-configure-an-attestation-provider). - ```output - version= 1.0; - authorizationrules - { - [ type=="x-ms-sgx-is-debuggable", value==false ] - && [ type=="x-ms-sgx-product-id", value==4639 ] - && [ type=="x-ms-sgx-svn", value>= 0 ] - && [ type=="x-ms-sgx-mrsigner", value=="e31c9e505f37a58de09335075fc8591254313eb20bb1a27e5443cc450b6e33e5"] - => permit(); - }; - ``` - -2. Import the required version of `Az.Attestation`. - - ```powershell - Import-Module "Az.Attestation" -MinimumVersion "0.1.8" - ``` + ```output + version= 1.0; + authorizationrules + { + [ type=="x-ms-sgx-is-debuggable", value==false ] + && [ type=="x-ms-sgx-product-id", value==4639 ] + && [ type=="x-ms-sgx-svn", value>= 0 ] + && [ type=="x-ms-sgx-mrsigner", value=="e31c9e505f37a58de09335075fc8591254313eb20bb1a27e5443cc450b6e33e5"] + => permit(); + }; + ``` + +1. Import the required version of `Az.Attestation`. + + ```powershell + Import-Module "Az.Attestation" -MinimumVersion "0.1.8" + ``` -3. Create an attestation provider. +1. Create an attestation provider. - ```powershell - $attestationProviderName = "" - New-AzAttestation -Name $attestationProviderName -ResourceGroupName $resourceGroupName -Location $location - ``` + ```powershell + $attestationProviderName = "" + New-AzAttestation -Name $attestationProviderName -ResourceGroupName $resourceGroupName -Location $location + ``` -4. Configure your attestation policy. +1. Configure your attestation policy. - ```powershell - $policyFile = "" - $teeType = "SgxEnclave" - $policyFormat = "Text" - $policy=Get-Content -path $policyFile -Raw - Set-AzAttestationPolicy -Name $attestationProviderName ` + ```powershell + $policyFile = "" + $teeType = "SgxEnclave" + $policyFormat = "Text" + $policy=Get-Content -path $policyFile -Raw + Set-AzAttestationPolicy -Name $attestationProviderName ` -ResourceGroupName $resourceGroupName ` -Tee $teeType ` -Policy $policy ` -PolicyFormat $policyFormat - ``` - -5. Grant your Azure SQL logical server access to your attestation provider. In this step, you're using the object ID of the managed service identity that you assigned to your server earlier. - - ```powershell - New-AzRoleAssignment -ObjectId $serverObjectId ` - -RoleDefinitionName "Attestation Reader" ` - -ResourceName $attestationProviderName ` - -ResourceType "Microsoft.Attestation/attestationProviders" ` - -ResourceGroupName $resourceGroupName - ``` - -6. Retrieve the attestation URL that points to an attestation policy you configured for the SGX enclave. Save the URL, as you will need it later. - - ```powershell - $attestationProvider = Get-AzAttestation -Name $attestationProviderName -ResourceGroupName $resourceGroupName - $attestationUrl = $attestationProvider.AttestUri + "/attest/SgxEnclave" - Write-Host - Write-Host "Your attestation URL is: $attestationUrl" - ``` - - The attestation URL should look like this: `https://contososqlattestation.uks.attest.azure.net/attest/SgxEnclave` + ``` + +1. Retrieve the attestation URL (the Attest URI of your attestation provider). + + ```powershell + $attestationUrl = (Get-AzAttestation -Name $attestationProviderName -ResourceGroupName $resourceGroupName).AttestUri + Write-Host "Your attestation URL is: $attestationUrl" + ``` + + The attestation URL should look like this: `https://myattestprovider12345.eus.attest.azure.net` + +--- + ## Step 3: Populate your database In this step, you'll create a table and populate it with some data that you'll later encrypt and query. 1. Open SSMS and connect to the **ContosoHR** database in the Azure SQL logical server you created **without** Always Encrypted enabled in the database connection. - 1. In the **Connect to Server** dialog, specify the fully qualified name of your server (for example, *myserver123.database.windows.net*), and enter the administrator user name and the password you specified when you created the server. + 1. In the **Connect to Server** dialog, specify the fully qualified name of your server (for example, *myserver135.database.windows.net*), and enter the administrator user name and the password you specified when you created the server. 2. Click **Options >>** and select the **Connection Properties** tab. Make sure to select the **ContosoHR** database (not the default, master database). 3. Select the **Always Encrypted** tab. 4. Make sure the **Enable Always Encrypted (column encryption)** checkbox is **not** selected. - ![Connect without Always Encrypted](media/always-encrypted-enclaves/connect-without-always-encrypted-ssms.png) + :::image type="content" source="./media/always-encrypted-enclaves/connect-without-always-encrypted-ssms.png" alt-text="Connect without Always Encrypted"::: 5. Click **Connect**. @@ -264,7 +334,6 @@ In this step, you'll create a table and populate it with some data that you'll l , $55415); ``` - ## Step 4: Provision enclave-enabled keys In this step, you'll create a column master key and a column encryption key that allow enclave computations. @@ -279,7 +348,7 @@ In this step, you'll create a column master key and a column encryption key that 6. Select your certificate or Azure Key Value key if it already exists, or click the **Generate Certificate** button to create a new one. 7. Select **OK**. - ![Allow enclave computations](media/always-encrypted-enclaves/allow-enclave-computations.png) + :::image type="content" source="./media/always-encrypted-enclaves/allow-enclave-computations.png" alt-text="Allow enclave computations"::: 1. Create a new enclave-enabled column encryption key: @@ -294,19 +363,17 @@ In this step, you'll encrypt the data stored in the **SSN** and **Salary** colum 1. Open a new SSMS instance and connect to your database **with** Always Encrypted enabled for the database connection. 1. Start a new instance of SSMS. - 2. In the **Connect to Server** dialog, specify the fully qualified name of your server (for example, *myserver123.database.windows.net*), and enter the administrator user name and the password you specified when you created the server. + 2. In the **Connect to Server** dialog, specify the fully qualified name of your server (for example, *myserver135.database.windows.net*), and enter the administrator user name and the password you specified when you created the server. 3. Click **Options >>** and select the **Connection Properties** tab. Make sure to select the **ContosoHR** database (not the default, master database). 4. Select the **Always Encrypted** tab. - 5. Make sure the **Enable Always Encrypted (column encryption)** checkbox is selected. + 5. Make sure the **Enable Always Encrypted (column encryption)** checkbox **is** selected. 6. Specify your enclave attestation URL that you've obtained by following the steps in [Step 2: Configure an attestation provider](#step-2-configure-an-attestation-provider). See the below screenshot. - ![Connect with attestation](media/always-encrypted-enclaves/connect-to-server-configure-attestation.png) + :::image type="content" source="./media/always-encrypted-enclaves/connect-to-server-configure-attestation.png" alt-text="Connect with attestation"::: 7. Select **Connect**. 8. If you're prompted to enable Parameterization for Always Encrypted queries, select **Enable**. - - 1. Using the same SSMS instance (with Always Encrypted enabled), open a new query window and encrypt the **SSN** and **Salary** columns by running the below statements. ```sql @@ -354,7 +421,7 @@ You can run rich queries against the encrypted columns. Some query processing wi ``` 3. Try the same query again in the SSMS instance that doesn't have Always Encrypted enabled. A failure should occur. - + ## Next steps After completing this tutorial, you can go to one of the following tutorials: diff --git a/azure-sql/database/always-encrypted-landing.yml b/azure-sql/database/always-encrypted-landing.yml index 3fa811a9083..e8c569f0879 100644 --- a/azure-sql/database/always-encrypted-landing.yml +++ b/azure-sql/database/always-encrypted-landing.yml @@ -114,10 +114,10 @@ landingContent: url: /sql/relational-databases/security/encryption/always-encrypted-migrate-using-backup-restore - text: Migrate data to or from columns using Always Encrypted with SQL Server Import and Export Wizard url: /sql/relational-databases/security/encryption/always-encrypted-migrate-using-import-export-wizard - - text: Migrate data to or from columns using Always Encrypted with SQL Server Import and Export Wizard - url: /sql/relational-databases/security/encryption/always-encrypted-migrate-using-import-export-wizard - text: Bulk load encrypted data to columns using Always Encrypted url: /sql/relational-databases/security/encryption/migrate-sensitive-data-protected-by-always-encrypted + - text: Using Always Encrypted with Azure Data Factory + url: https://docs.microsoft.com/azure/data-factory/connector-azure-sql-database#using-always-encrypted # Card diff --git a/azure-sql/database/application-authentication-get-client-id-keys.md b/azure-sql/database/application-authentication-get-client-id-keys.md index 0332823ae7c..1f67b1eef4d 100644 --- a/azure-sql/database/application-authentication-get-client-id-keys.md +++ b/azure-sql/database/application-authentication-get-client-id-keys.md @@ -4,12 +4,12 @@ description: Create a service principal for accessing Azure SQL Database from co services: sql-database ms.service: sql-database ms.subservice: development -ms.custom: sqldbrb=1 , devx-track-azurecli +ms.custom: sqldbrb=1 , devx-track-azurecli, devx-track-azurepowershell ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: VanMSFT +ms.author: vanto +ms.reviewer: mathoma ms.date: 03/12/2019 --- # Get the required values for authenticating an application to access Azure SQL Database from code diff --git a/azure-sql/database/arm-templates-content-guide.md b/azure-sql/database/arm-templates-content-guide.md index ce75ffba635..6853ed8416f 100644 --- a/azure-sql/database/arm-templates-content-guide.md +++ b/azure-sql/database/arm-templates-content-guide.md @@ -3,14 +3,14 @@ title: Azure Resource Manager templates - Azure SQL Database & SQL Managed Insta description: Use Azure Resource Manager templates to create and configure Azure SQL Database and Azure SQL Managed Instance. services: sql-database ms.service: sql-db-mi -ms.subservice: service +ms.subservice: deployment-configuration ms.custom: overview-samples sqldbrb=2 ms.devlang: ms.topic: guide -author: danimir -ms.author: danil -ms.reviewer: sstein -ms.date: 02/04/2019 +author: srdan-bozovic-msft +ms.author: srbozovi +ms.reviewer: mathoma +ms.date: 05/24/2021 --- # Azure Resource Manager templates for Azure SQL Database & SQL Managed Instance diff --git a/azure-sql/database/authentication-aad-configure.md b/azure-sql/database/authentication-aad-configure.md index 1caf3783e01..3f263c610b7 100644 --- a/azure-sql/database/authentication-aad-configure.md +++ b/azure-sql/database/authentication-aad-configure.md @@ -5,7 +5,7 @@ description: Learn how to connect to SQL Database, SQL Managed Instance, and Azu services: sql-database ms.service: sql-db-mi ms.subservice: security -ms.custom: azure-synapse, has-adal-ref, sqldbrb=2 +ms.custom: azure-synapse, has-adal-ref, sqldbrb=2, devx-track-azurepowershell ms.devlang: ms.topic: how-to author: GithubMirek diff --git a/azure-sql/database/authentication-aad-service-principal-tutorial.md b/azure-sql/database/authentication-aad-service-principal-tutorial.md index 43ffae8bd07..56b836146e3 100644 --- a/azure-sql/database/authentication-aad-service-principal-tutorial.md +++ b/azure-sql/database/authentication-aad-service-principal-tutorial.md @@ -7,7 +7,8 @@ ms.topic: tutorial author: GithubMirek ms.author: mireks ms.reviewer: vanto -ms.date: 05/10/2021 +ms.date: 05/10/2021 +ms.custom: devx-track-azurepowershell --- # Tutorial: Create Azure AD users using Azure AD applications diff --git a/azure-sql/database/auto-failover-group-configure.md b/azure-sql/database/auto-failover-group-configure.md index d3d69607f59..9458cdea551 100644 --- a/azure-sql/database/auto-failover-group-configure.md +++ b/azure-sql/database/auto-failover-group-configure.md @@ -6,11 +6,11 @@ services: sql-database ms.service: sql-db-mi ms.subservice: high-availability ms.custom: sqldbrb=2, devx-track-azurecli -ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +ms.devlang: +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 08/14/2019 --- # Configure a failover group for Azure SQL Database diff --git a/azure-sql/database/auto-failover-group-overview.md b/azure-sql/database/auto-failover-group-overview.md index 444aa64afbd..83b8050d167 100644 --- a/azure-sql/database/auto-failover-group-overview.md +++ b/azure-sql/database/auto-failover-group-overview.md @@ -8,9 +8,9 @@ ms.subservice: high-availability ms.custom: sqldbrb=2 ms.devlang: ms.topic: conceptual -author: anosov1960 -ms.author: sashan -ms.reviewer: mathoma, sstein +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 05/10/2021 --- diff --git a/azure-sql/database/automated-backups-overview.md b/azure-sql/database/automated-backups-overview.md index 7826afda907..9afacb79865 100644 --- a/azure-sql/database/automated-backups-overview.md +++ b/azure-sql/database/automated-backups-overview.md @@ -5,11 +5,11 @@ description: Azure SQL Database and Azure SQL Managed Instance automatically cre services: sql-database ms.service: sql-db-mi ms.subservice: backup-restore -ms.custom: references_regions +ms.custom: references_regions, devx-track-azurepowershell ms.topic: conceptual author: shkale-msft ms.author: shkale -ms.reviewer: mathoma, stevestein, danil +ms.reviewer: mathoma, danil ms.date: 03/10/2021 --- # Automated backups - Azure SQL Database & SQL Managed Instance diff --git a/azure-sql/database/automatic-tuning-email-notifications-configure.md b/azure-sql/database/automatic-tuning-email-notifications-configure.md index 7f5ad1cbe8c..8bf46008783 100644 --- a/azure-sql/database/automatic-tuning-email-notifications-configure.md +++ b/azure-sql/database/automatic-tuning-email-notifications-configure.md @@ -4,7 +4,7 @@ description: Enable e-mail notifications for Azure SQL Database automatic query services: sql-database ms.service: sql-db-mi ms.subservice: performance -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: ms.topic: how-to author: danimir @@ -246,4 +246,4 @@ You might further customize the solution to build email notifications based on a - Learn more on how automatic tuning can help you improve database performance, see [Automatic tuning in Azure SQL Database](automatic-tuning-overview.md). - To enable automatic tuning in Azure SQL Database to manage your workload, see [Enable automatic tuning](automatic-tuning-enable.md). -- To manually review and apply automatic tuning recommendations, see [Find and apply performance recommendations](database-advisor-find-recommendations-portal.md). \ No newline at end of file +- To manually review and apply automatic tuning recommendations, see [Find and apply performance recommendations](database-advisor-find-recommendations-portal.md). diff --git a/azure-sql/database/automation-manage.md b/azure-sql/database/automation-manage.md index f791f5115c6..61353dfda69 100644 --- a/azure-sql/database/automation-manage.md +++ b/azure-sql/database/automation-manage.md @@ -3,13 +3,13 @@ title: Manage databases with Azure Automation description: Learn about how the Azure Automation service can be used to manage Azure SQL Database at scale. services: sql-database ms.service: sql-db-mi -ms.subservice: service +ms.subservice: deployment-configuration ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual author: juliemsft ms.author: jrasnick -ms.reviewer: sstein +ms.reviewer: mathoma ms.date: 03/12/2019 --- diff --git a/azure-sql/database/az-cli-script-samples-content-guide.md b/azure-sql/database/az-cli-script-samples-content-guide.md index 277ab715d21..48e1466526c 100644 --- a/azure-sql/database/az-cli-script-samples-content-guide.md +++ b/azure-sql/database/az-cli-script-samples-content-guide.md @@ -4,12 +4,12 @@ titleSuffix: Azure SQL Database & SQL Managed Instance description: Azure CLI script examples to create and manage Azure SQL Database and Azure SQL Managed Instance services: sql-database ms.service: sql-db-mi -ms.subservice: service +ms.subservice: deployment-configuration ms.custom: overview-samples, mvc, sqldbrb=2, devx-track-azurecli ms.devlang: azurecli ms.topic: sample -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 02/03/2019 --- diff --git a/azure-sql/database/business-continuity-high-availability-disaster-recover-hadr-overview.md b/azure-sql/database/business-continuity-high-availability-disaster-recover-hadr-overview.md index f7a29df1800..f7e256756ac 100644 --- a/azure-sql/database/business-continuity-high-availability-disaster-recover-hadr-overview.md +++ b/azure-sql/database/business-continuity-high-availability-disaster-recover-hadr-overview.md @@ -9,9 +9,9 @@ ms.subservice: high-availability ms.custom: sqldbrb=2 ms.devlang: ms.topic: conceptual -author: anosov1960 -ms.author: sashan -ms.reviewer: mathoma, sstein +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 06/25/2019 --- # Overview of business continuity with Azure SQL Database diff --git a/azure-sql/database/connect-excel.md b/azure-sql/database/connect-excel.md index 3ad7d6a0277..7e20979962a 100644 --- a/azure-sql/database/connect-excel.md +++ b/azure-sql/database/connect-excel.md @@ -4,13 +4,13 @@ description: Learn how to connect Microsoft Excel to a database in Azure SQL Dat titleSuffix: Azure SQL Database & SQL Managed Instance services: sql-database ms.service: sql-database -ms.subservice: development +ms.subservice: connect ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: VanMSFT +ms.author: vanto +ms.reviewer: mathoma ms.date: 05/29/2020 --- diff --git a/azure-sql/database/connect-github-actions-sql-db.md b/azure-sql/database/connect-github-actions-sql-db.md index 3802da037b5..ef263e776c3 100644 --- a/azure-sql/database/connect-github-actions-sql-db.md +++ b/azure-sql/database/connect-github-actions-sql-db.md @@ -4,10 +4,12 @@ description: Use Azure SQL from a GitHub Actions workflow author: juliakm services: sql-database ms.service: sql-database +ms.subservice: connect ms.topic: quickstart ms.author: jukullam ms.date: 05/05/2021 ms.custom: github-actions-azure +ms.reviewer: mathoma --- diff --git a/azure-sql/database/connect-query-content-reference-guide.md b/azure-sql/database/connect-query-content-reference-guide.md index 77096f23007..c90c7db01c8 100644 --- a/azure-sql/database/connect-query-content-reference-guide.md +++ b/azure-sql/database/connect-query-content-reference-guide.md @@ -4,13 +4,13 @@ description: Links to Azure SQL Database quickstarts showing how to connect to a titleSuffix: Azure SQL Database & SQL Managed Instance services: sql-database ms.service: sql-database -ms.subservice: service +ms.subservice: connect ms.custom: sqldbrb=1 ms.devlang: ms.topic: guide -author: stevestein -ms.author: sstein -ms.reviewer: +author: dzsquared +ms.author: drskwier +ms.reviewer: mathoma ms.date: 03/17/2021 --- # Azure SQL Database and Azure SQL Managed Instance connect and query articles diff --git a/azure-sql/database/connect-query-dotnet-core.md b/azure-sql/database/connect-query-dotnet-core.md index 3c46c53f4b1..c72ae1fa55a 100644 --- a/azure-sql/database/connect-query-dotnet-core.md +++ b/azure-sql/database/connect-query-dotnet-core.md @@ -4,13 +4,13 @@ description: This topic shows you how to use .NET Core to create a program that titleSuffix: Azure SQL Database & SQL Managed Instance services: sql-database ms.service: sql-database -ms.subservice: development +ms.subservice: connect ms.custom: "sqldbrb=2, devx-track-csharp" ms.devlang: dotnet ms.topic: quickstart -author: stevestein -ms.author: sstein -ms.reviewer: +author: dzsquared +ms.author: drskwier +ms.reviewer: mathoma ms.date: 05/29/2020 --- # Quickstart: Use .NET Core (C#) to query a database diff --git a/azure-sql/database/connect-query-dotnet-visual-studio.md b/azure-sql/database/connect-query-dotnet-visual-studio.md index 73ed880f848..fcb6c120838 100644 --- a/azure-sql/database/connect-query-dotnet-visual-studio.md +++ b/azure-sql/database/connect-query-dotnet-visual-studio.md @@ -4,13 +4,13 @@ description: Use Visual Studio to create a C# app that connects to a database in titleSuffix: Azure SQL Database & SQL Managed Instance services: sql-database ms.service: sql-database -ms.subservice: development +ms.subservice: connect ms.custom: "devx-track-csharp, sqldbrb=2" ms.devlang: dotnet ms.topic: quickstart -author: stevestein -ms.author: sstein -ms.reviewer: +author: dzsquared +ms.author: drskwier +ms.reviewer: mathoma ms.date: 08/10/2020 --- # Quickstart: Use .NET and C# in Visual Studio to connect to and query a database diff --git a/azure-sql/database/connect-query-go.md b/azure-sql/database/connect-query-go.md index c793c064989..ae2191b3cb4 100644 --- a/azure-sql/database/connect-query-go.md +++ b/azure-sql/database/connect-query-go.md @@ -4,13 +4,14 @@ description: Use Go to create a program that connects to a database in Azure SQL titleSuffix: Azure SQL Database & SQL Managed Instance services: sql-database ms.service: sql-database -ms.subservice: development +ms.subservice: connect ms.custom: sqldbrb=2  ms.devlang: go ms.topic: quickstart -author: David-Engel -ms.author: sstein -ms.reviewer: MightyPen +author: dzsquared +ms.author: drskwier +ms.reviewer: mathoma + ms.date: 04/14/2021 --- # Quickstart: Use Golang to query a database in Azure SQL Database or Azure SQL Managed Instance diff --git a/azure-sql/database/connect-query-nodejs.md b/azure-sql/database/connect-query-nodejs.md index b80f92ca1f9..d6e8e7023aa 100644 --- a/azure-sql/database/connect-query-nodejs.md +++ b/azure-sql/database/connect-query-nodejs.md @@ -4,13 +4,13 @@ description: How to use Node.js to create a program that connects to a database titleSuffix: Azure SQL Database & SQL Managed Instance services: sql-database ms.service: sql-database -ms.subservice: development +ms.subservice: connect ms.devlang: nodejs ms.topic: quickstart -author: stevestein -ms.author: sstein -ms.reviewer: v-masebo -ms.date: 05/29/2020 +author: dzsquared +ms.author: drskwier +ms.reviewer: mathoma, v-masebo +ms.date: 05/19/2021 ms.custom: seo-javascript-september2019, seo-javascript-october2019, sqldbrb=2, devx-track-js --- # Quickstart: Use Node.js to query a database in Azure SQL Database or Azure SQL Managed Instance @@ -147,6 +147,8 @@ Open a command prompt and create a folder named *sqltest*. Open the folder you c queryDatabase(); } }); + + connection.connect(); function queryDatabase() { console.log("Reading rows from the Table..."); diff --git a/azure-sql/database/connect-query-php.md b/azure-sql/database/connect-query-php.md index 419a9233af8..9001cd8cb28 100644 --- a/azure-sql/database/connect-query-php.md +++ b/azure-sql/database/connect-query-php.md @@ -4,12 +4,12 @@ description: How to use PHP to create a program that connects to a database in A titleSuffix: Azure SQL Database & SQL Managed Instance services: sql-database ms.service: sql-database -ms.subservice: development +ms.subservice: connect ms.devlang: php ms.topic: quickstart -author: stevestein -ms.author: sstein -ms.reviewer: v-masebo +author: dzsquared +ms.author: drskwier +ms.reviewer: mathoma, v-masebo ms.date: 05/29/2020 ms.custom: sqldbrb=2  --- diff --git a/azure-sql/database/connect-query-python.md b/azure-sql/database/connect-query-python.md index 24ab9e3fe05..5b3c959b3d3 100644 --- a/azure-sql/database/connect-query-python.md +++ b/azure-sql/database/connect-query-python.md @@ -4,13 +4,13 @@ description: This topic shows you how to use Python to create a program that con titleSuffix: Azure SQL Database & SQL Managed Instance services: sql-database ms.service: sql-database -ms.subservice: development +ms.subservice: connect ms.custom: seo-python-october2019, sqldbrb=2, devx-track-python ms.devlang: python ms.topic: quickstart -author: stevestein -ms.author: sstein -ms.reviewer: +author: dzsquared +ms.author: drskwier +ms.reviewer: mathoma ms.date: 12/19/2020 --- # Quickstart: Use Python to query a database diff --git a/azure-sql/database/connect-query-ruby.md b/azure-sql/database/connect-query-ruby.md index b5798378dc0..88140eddbe3 100644 --- a/azure-sql/database/connect-query-ruby.md +++ b/azure-sql/database/connect-query-ruby.md @@ -4,13 +4,13 @@ description: This topic shows you how to use Ruby to create a program that conne titleSuffix: Azure SQL Database & SQL Managed Instance services: sql-database ms.service: sql-database -ms.subservice: development +ms.subservice: connect ms.custom: sqldbrb=2  ms.devlang: ruby ms.topic: quickstart -author: stevestein -ms.author: sstein -ms.reviewer: +author: dzsquared +ms.author: drskwier +ms.reviewer: mathoma ms.date: 05/29/2020 --- # Quickstart: Use Ruby to query a database in Azure SQL Database or Azure SQL Managed Instance diff --git a/azure-sql/database/connect-query-ssms.md b/azure-sql/database/connect-query-ssms.md index 8343003bdf2..793a6aefef1 100644 --- a/azure-sql/database/connect-query-ssms.md +++ b/azure-sql/database/connect-query-ssms.md @@ -5,13 +5,13 @@ description: Learn how to connect to Azure SQL Database or SQL Managed Instance keywords: connect to sql database,sql server management studio services: sql-database ms.service: sql-database -ms.subservice: service +ms.subservice: connect ms.custom: sqldbrb=2 ms.devlang: ms.topic: quickstart -author: stevestein -ms.author: sstein -ms.reviewer: +author: dzsquared +ms.author: drskwier +ms.reviewer: mathoma ms.date: 09/28/2020 --- # Quickstart: Use SSMS to connect to and query Azure SQL Database or Azure SQL Managed Instance diff --git a/azure-sql/database/connect-query-vscode.md b/azure-sql/database/connect-query-vscode.md index 9c76ace8803..97ddee7df2d 100644 --- a/azure-sql/database/connect-query-vscode.md +++ b/azure-sql/database/connect-query-vscode.md @@ -5,13 +5,13 @@ description: Learn how to connect to Azure SQL Database or SQL Managed Instance keywords: connect to sql database services: sql-database ms.service: sql-database -ms.subservice: service +ms.subservice: connect ms.custom: sqldbrb=2 ms.devlang: ms.topic: quickstart -author: stevestein -ms.author: sstein -ms.reviewer: +author: dzsquared +ms.author: drskwier +ms.reviewer: mathoma ms.date: 05/29/2020 --- # Quickstart: Use Visual Studio Code to connect and query diff --git a/azure-sql/database/connectivity-architecture.md b/azure-sql/database/connectivity-architecture.md index 6a414227ae3..ada6f7b9f89 100644 --- a/azure-sql/database/connectivity-architecture.md +++ b/azure-sql/database/connectivity-architecture.md @@ -3,14 +3,14 @@ title: Azure SQL Database Connectivity Architecture description: This document explains the Azure SQL Database connectivity architecture for database connections from within Azure or from outside of Azure. services: sql-database ms.service: sql-database -ms.subservice: development +ms.subservice: connect ms.custom: fasttrack-edit, sqldbrb=1 titleSuffix: Azure SQL Database and Azure Synapse Analytics ms.devlang: ms.topic: conceptual author: rohitnayakmsft ms.author: rohitna -ms.reviewer: sstein, vanto +ms.reviewer: mathoma, vanto ms.date: 01/25/2021 --- # Azure SQL Database and Azure Synapse Analytics connectivity architecture diff --git a/azure-sql/database/connectivity-settings.md b/azure-sql/database/connectivity-settings.md index ba64da0360f..541727ed558 100644 --- a/azure-sql/database/connectivity-settings.md +++ b/azure-sql/database/connectivity-settings.md @@ -3,12 +3,14 @@ title: Connectivity settings for Azure SQL Database and Azure Synapse Analytics description: This article explains the Transport Layer Security (TLS) version choice and the Proxy versus Redirect settings for Azure SQL Database and Azure Synapse Analytics. services: sql-database ms.service: sql-database +ms.subservice: connect titleSuffix: Azure SQL Database and Azure Synapse Analytics ms.topic: how-to author: rohitnayakmsft ms.author: rohitna -ms.reviewer: sstein, vanto +ms.reviewer: mathoma, vanto ms.date: 07/06/2020 +ms.custom: devx-track-azurepowershell --- # Azure SQL connectivity settings diff --git a/azure-sql/database/cost-management.md b/azure-sql/database/cost-management.md index 6f9d40842dc..9545502cfe8 100644 --- a/azure-sql/database/cost-management.md +++ b/azure-sql/database/cost-management.md @@ -1,10 +1,11 @@ --- title: Plan and manage costs description: Learn how to plan for and manage costs for Azure SQL Database by using cost analysis in the Azure portal. -author: WilliamDAssafMSFT -ms.author: wiassaf +author: MashaMSFT +ms.author: mathoma ms.custom: subject-cost-optimization ms.service: sql-database +ms.subservice: service-overview ms.topic: how-to ms.date: 01/15/2021 --- diff --git a/azure-sql/database/data-discovery-and-classification-overview.md b/azure-sql/database/data-discovery-and-classification-overview.md index 872bac2e25b..3661894c2ce 100644 --- a/azure-sql/database/data-discovery-and-classification-overview.md +++ b/azure-sql/database/data-discovery-and-classification-overview.md @@ -30,7 +30,7 @@ Your most sensitive data might include business, financial, healthcare, or perso ## What is Data Discovery & Classification? -Data Discovery & Classification introduces a set of basic services and new capabilities in Azure. It forms a new information-protection paradigm for SQL Database, SQL Managed Instance, and Azure Synapse, aimed at protecting the data and not just the database. The paradigm includes: +Data Discovery & Classification forms a new information-protection paradigm for SQL Database, SQL Managed Instance, and Azure Synapse, aimed at protecting the data and not just the database. Currently it supports the following capabilities: - **Discovery and recommendations:** The classification engine scans your database and identifies columns that contain potentially sensitive data. It then provides you with an easy way to review and apply recommended classification via the Azure portal. @@ -54,7 +54,7 @@ The classification includes two metadata attributes: ### Define and customize your classification taxonomy -Data Discovery & Classification comes with a built-in set of sensitivity labels and a built-in set of information types and discovery logic. You can now customize this taxonomy and define a set and ranking of classification constructs specifically for your environment. +Data Discovery & Classification comes with a built-in set of sensitivity labels and a built-in set of information types and discovery logic. You can customize this taxonomy and define a set and ranking of classification constructs specifically for your environment. You define and customize of your classification taxonomy in one central place for your entire Azure organization. That location is in [Azure Security Center](../../security-center/security-center-introduction.md), as part of your security policy. Only someone with administrative rights on the organization's root management group can do this task. @@ -189,4 +189,4 @@ You can use the REST API to programmatically manage classifications and recommen - Consider configuring [Azure SQL Auditing](../../azure-sql/database/auditing-overview.md) for monitoring and auditing access to your classified sensitive data. - For a presentation that includes data Discovery & Classification, see [Discovering, classifying, labeling & protecting SQL data | Data Exposed](https://www.youtube.com/watch?v=itVi9bkJUNc). -- To classify your Azure SQL Databases and Azure Synapse Analytics with Azure Purview labels using T-SQL commands, see [Classify your Azure SQL data using Azure Purview labels](../../sql-database/scripts/sql-database-import-purview-labels.md). \ No newline at end of file +- To classify your Azure SQL Databases and Azure Synapse Analytics with Azure Purview labels using T-SQL commands, see [Classify your Azure SQL data using Azure Purview labels](../../sql-database/scripts/sql-database-import-purview-labels.md). diff --git a/azure-sql/database/database-copy.md b/azure-sql/database/database-copy.md index 75d70d60426..8172c09a612 100644 --- a/azure-sql/database/database-copy.md +++ b/azure-sql/database/database-copy.md @@ -4,12 +4,12 @@ description: Create a transactionally consistent copy of an existing database in services: sql-database ms.service: sql-database ms.subservice: data-movement -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sashan -ms.reviewer: wiassaf +author: shkale-msft +ms.author: shkale +ms.reviewer: mathoma ms.date: 03/10/2021 --- # Copy a transactionally consistent copy of a database in Azure SQL Database diff --git a/azure-sql/database/database-export.md b/azure-sql/database/database-export.md index c409bb5ff62..99c5e374aac 100644 --- a/azure-sql/database/database-export.md +++ b/azure-sql/database/database-export.md @@ -5,9 +5,9 @@ description: Export a database to a BACPAC file using the Azure portal. services: sql-database ms.service: sql-db-mi ms.subservice: data-movement -author: stevestein +author: cawrites ms.custom: sqldbrb=2 -ms.author: sstein +ms.author: chadam ms.reviewer: ms.date: 01/11/2021 ms.topic: how-to @@ -115,4 +115,4 @@ Stop-AzSqlDatabaseActivity -ResourceGroupName $ResourceGroupName -ServerName $Se - To learn about exporting a BACPAC from a SQL Server database, see [Export a Data-tier Application](/sql/relational-databases/data-tier-applications/export-a-data-tier-application) - To learn about using the Data Migration Service to migrate a database, see [Migrate from SQL Server to Azure SQL Database offline using DMS](../../dms/tutorial-sql-server-to-azure-sql.md). - If you are exporting from SQL Server as a prelude to migration to Azure SQL Database, see [Migrate a SQL Server database to Azure SQL Database](migrate-to-database-from-sql-server.md). -- To learn how to manage and share storage keys and shared access signatures securely, see [Azure Storage Security Guide](../../storage/blobs/security-recommendations.md). \ No newline at end of file +- To learn how to manage and share storage keys and shared access signatures securely, see [Azure Storage Security Guide](../../storage/blobs/security-recommendations.md). diff --git a/azure-sql/database/database-import-export-azure-services-off.md b/azure-sql/database/database-import-export-azure-services-off.md index 71a5c5ac3b8..2b701f081e4 100644 --- a/azure-sql/database/database-import-export-azure-services-off.md +++ b/azure-sql/database/database-import-export-azure-services-off.md @@ -7,9 +7,9 @@ ms.subservice: migration ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: shkale-msft +ms.author: shkale +ms.reviewer: mathoma ms.date: 01/08/2020 --- # Import or export an Azure SQL Database without allowing Azure services to access the server diff --git a/azure-sql/database/database-import-export-hang.md b/azure-sql/database/database-import-export-hang.md index d446d668f7d..dcdd584847d 100644 --- a/azure-sql/database/database-import-export-hang.md +++ b/azure-sql/database/database-import-export-hang.md @@ -8,7 +8,7 @@ ms.subservice: data-movement ms.topic: troubleshooting author: v-miegge ms.author: ramakoni -ms.reviewer: "" +ms.reviewer: cawrites ms.date: 09/27/2019 --- diff --git a/azure-sql/database/database-import.md b/azure-sql/database/database-import.md index 5fee8e5ac91..563e731217d 100644 --- a/azure-sql/database/database-import.md +++ b/azure-sql/database/database-import.md @@ -3,13 +3,13 @@ title: Import a BACPAC file to create a database in Azure SQL Database description: Create a new database in Azure SQL Database or Azure SQL Managed Instance from a BACPAC file. services: sql-database ms.service: sql-db-mi -ms.subservice: migrate +ms.subservice: backup-restore ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: ms.topic: quickstart -author: stevestein -ms.author: sstein -ms.reviewer: +author: shkale-msft +ms.author: shkale +ms.reviewer: cawrites ms.date: 10/29/2020 --- # Quickstart: Import a BACPAC file to a database in Azure SQL Database or Azure SQL Managed Instance diff --git a/azure-sql/database/design-first-database-tutorial.md b/azure-sql/database/design-first-database-tutorial.md index 364451d4d9a..df014d64d4d 100644 --- a/azure-sql/database/design-first-database-tutorial.md +++ b/azure-sql/database/design-first-database-tutorial.md @@ -5,9 +5,9 @@ services: sql-database ms.service: sql-database ms.subservice: development ms.topic: tutorial -author: stevestein -ms.author: sstein -ms.reviewer: v-masebo +author: dzsquared +ms.author: drskwier +ms.reviewer: mathoma, v-masebo ms.date: 07/29/2019 ms.custom: sqldbrb=1 --- diff --git a/azure-sql/database/designing-cloud-solutions-for-disaster-recovery.md b/azure-sql/database/designing-cloud-solutions-for-disaster-recovery.md index 81c8c69b415..af1cec88f8d 100644 --- a/azure-sql/database/designing-cloud-solutions-for-disaster-recovery.md +++ b/azure-sql/database/designing-cloud-solutions-for-disaster-recovery.md @@ -8,9 +8,9 @@ ms.subservice: development ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: anosov1960 -ms.author: sashan -ms.reviewer: sstein +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 07/28/2020 --- # Designing globally available services using Azure SQL Database diff --git a/azure-sql/database/develop-cplusplus-simple.md b/azure-sql/database/develop-cplusplus-simple.md index 73fbce18924..c37681e4a5d 100644 --- a/azure-sql/database/develop-cplusplus-simple.md +++ b/azure-sql/database/develop-cplusplus-simple.md @@ -7,9 +7,9 @@ ms.subservice: development ms.custom: sqldbrb=1 ms.devlang: cpp ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: dzsquared +ms.author: drskwier +ms.reviewer: mathoma ms.date: 12/12/2018 --- # Connect to SQL Database using C and C++ diff --git a/azure-sql/database/develop-overview.md b/azure-sql/database/develop-overview.md index 975fb0e6b9a..fdf8c6ded01 100644 --- a/azure-sql/database/develop-overview.md +++ b/azure-sql/database/develop-overview.md @@ -5,9 +5,9 @@ services: sql-database ms.service: sql-database ms.subservice: development ms.topic: conceptual -author: stevestein -ms.author: sstein -ms.reviewer: genemi +author: dzsquared +ms.author: drskwier +ms.reviewer: mathoma ms.date: 11/14/2019 ms.custom: sqldbrb=2 --- diff --git a/azure-sql/database/disaster-recovery-drills.md b/azure-sql/database/disaster-recovery-drills.md index 57ed1b92482..e03f8cc279e 100644 --- a/azure-sql/database/disaster-recovery-drills.md +++ b/azure-sql/database/disaster-recovery-drills.md @@ -7,9 +7,9 @@ ms.subservice: high-availability ms.custom: ms.devlang: ms.topic: conceptual -author: anosov1960 -ms.author: sashan -ms.reviewer: mathoma, sstein +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 12/18/2018 --- # Performing disaster recovery drills diff --git a/azure-sql/database/disaster-recovery-guidance.md b/azure-sql/database/disaster-recovery-guidance.md index ceb4f3d981e..1a9725fb853 100644 --- a/azure-sql/database/disaster-recovery-guidance.md +++ b/azure-sql/database/disaster-recovery-guidance.md @@ -7,9 +7,9 @@ ms.subservice: high-availability ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: anosov1960 -ms.author: sashan -ms.reviewer: mathoma, sstein +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 06/21/2019 --- # Restore your Azure SQL Database or failover to a secondary diff --git a/azure-sql/database/disaster-recovery-strategies-for-applications-with-elastic-pool.md b/azure-sql/database/disaster-recovery-strategies-for-applications-with-elastic-pool.md index 2c3606aa71f..1225c6cdce8 100644 --- a/azure-sql/database/disaster-recovery-strategies-for-applications-with-elastic-pool.md +++ b/azure-sql/database/disaster-recovery-strategies-for-applications-with-elastic-pool.md @@ -7,9 +7,9 @@ ms.subservice: elastic-pools ms.custom: sqldbrb-1 ms.devlang: ms.topic: conceptual -author: anosov1960 -ms.author: sashan -ms.reviewer: sstein +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 01/25/2019 --- # Disaster recovery strategies for applications using Azure SQL Database elastic pools diff --git a/azure-sql/database/dns-alias-overview.md b/azure-sql/database/dns-alias-overview.md index 6c13b6d1e6f..4158e6ebdbb 100644 --- a/azure-sql/database/dns-alias-overview.md +++ b/azure-sql/database/dns-alias-overview.md @@ -3,13 +3,13 @@ title: DNS alias description: Your applications can connect to an alias for the name of the server for Azure SQL Database. Meanwhile, you can change the SQL Database the alias points to anytime, to facilitate testing and so on. services: sql-database ms.service: sql-database -ms.subservice: operations +ms.subservice: high-availability ms.custom: seo-lt-2019 sqldbrb=1 ms.devlang: ms.topic: conceptual -author: rohitnayakmsft -ms.author: rohitna -ms.reviewer: genemi, jrasnick, vanto +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma, jrasnick, vanto ms.date: 06/26/2019 --- # DNS alias for Azure SQL Database diff --git a/azure-sql/database/dns-alias-powershell-create.md b/azure-sql/database/dns-alias-powershell-create.md index e89a7917a84..1c323fc9571 100644 --- a/azure-sql/database/dns-alias-powershell-create.md +++ b/azure-sql/database/dns-alias-powershell-create.md @@ -2,15 +2,15 @@ title: DNS Alias (PowerShell & Azure CLI) description: PowerShell and Azure CLI cmdlets enable you to redirect new client connections to a different SQL server in Azure, without having to touch any client configuration. keywords: dns sql database -ms.custom: seo-lt-2019 sqldbrb=1, devx-track-azurecli +ms.custom: seo-lt-2019 sqldbrb=1, devx-track-azurecli, devx-track-azurepowershell services: sql-database ms.service: sql-database -ms.subservice: operations +ms.subservice: high-availability ms.devlang: PowerShell ms.topic: how-to -author: rohitnayakmsft -ms.author: rohitna -ms.reviewer: genemi, amagarwa, maboja, jrasnick, vanto +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma, amagarwa, maboja, jrasnick, vanto ms.date: 05/14/2019 --- # PowerShell for DNS Alias to Azure SQL Database @@ -136,4 +136,4 @@ az sql server dns-alias delete –-resource-group $resourceGroupName2 --server $ ## Next steps -For a full explanation of the DNS alias feature for SQL Database, see [DNS alias for Azure SQL Database](./dns-alias-overview.md). \ No newline at end of file +For a full explanation of the DNS alias feature for SQL Database, see [DNS alias for Azure SQL Database](./dns-alias-overview.md). diff --git a/azure-sql/database/doc-changes-updates-release-notes.md b/azure-sql/database/doc-changes-updates-release-notes.md index 348b8ee0142..308f64f6632 100644 --- a/azure-sql/database/doc-changes-updates-release-notes.md +++ b/azure-sql/database/doc-changes-updates-release-notes.md @@ -3,14 +3,14 @@ title: What's new? titleSuffix: Azure SQL Database & SQL Managed Instance description: Learn about the new features and documentation improvements for Azure SQL Database & SQL Managed Instance. services: sql-database -author: stevestein +author: MashaMSFT +ms.author: mathoma ms.service: sql-db-mi -ms.subservice: service +ms.subservice: service-overview ms.custom: sqldbrb=2 ms.devlang: ms.topic: conceptual ms.date: 04/17/2021 -ms.author: sstein --- # What's new in Azure SQL Database & SQL Managed Instance? [!INCLUDE[appliesto-sqldb-sqlmi](../includes/appliesto-sqldb-sqlmi.md)] diff --git a/azure-sql/database/elastic-convert-to-use-elastic-tools.md b/azure-sql/database/elastic-convert-to-use-elastic-tools.md index c6dc4dcc948..c12c22e264f 100644 --- a/azure-sql/database/elastic-convert-to-use-elastic-tools.md +++ b/azure-sql/database/elastic-convert-to-use-elastic-tools.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 01/25/2019 --- diff --git a/azure-sql/database/elastic-database-client-library.md b/azure-sql/database/elastic-database-client-library.md index 209bf7d543e..8cb06fb26a4 100644 --- a/azure-sql/database/elastic-database-client-library.md +++ b/azure-sql/database/elastic-database-client-library.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 09/25/2018 --- # Building scalable cloud databases diff --git a/azure-sql/database/elastic-database-perf-counters.md b/azure-sql/database/elastic-database-perf-counters.md index ad5c3d376a2..0e9840490d5 100644 --- a/azure-sql/database/elastic-database-perf-counters.md +++ b/azure-sql/database/elastic-database-perf-counters.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: seoapril2019, seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 02/07/2019 --- # Create performance counters to track performance of shard map manager diff --git a/azure-sql/database/elastic-database-recovery-manager.md b/azure-sql/database/elastic-database-recovery-manager.md index 052dd0c85a8..ba8b8574c45 100644 --- a/azure-sql/database/elastic-database-recovery-manager.md +++ b/azure-sql/database/elastic-database-recovery-manager.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 01/03/2019 --- # Using the RecoveryManager class to fix shard map problems diff --git a/azure-sql/database/elastic-jobs-migrate.md b/azure-sql/database/elastic-jobs-migrate.md index 6c2aaa64e5c..07eda49a8fc 100644 --- a/azure-sql/database/elastic-jobs-migrate.md +++ b/azure-sql/database/elastic-jobs-migrate.md @@ -4,12 +4,11 @@ description: Migrate to the new Elastic Database Jobs. services: sql-database ms.service: sql-database ms.subservice: scale-out -ms.custom: seo-lt-2019, sqldbrb=1 +ms.custom: seo-lt-2019, sqldbrb=1, devx-track-azurepowershell ms.devlang: ms.topic: how-to -author: johnpaulkee -ms.author: joke -ms.reviewer: sstein +author: MashaMSFT +ms.author: mathoma ms.date: 03/13/2019 --- # Migrate to the new Elastic Database jobs (preview) diff --git a/azure-sql/database/elastic-jobs-overview.md b/azure-sql/database/elastic-jobs-overview.md index 3dbac7f9acd..1bb4c21701b 100644 --- a/azure-sql/database/elastic-jobs-overview.md +++ b/azure-sql/database/elastic-jobs-overview.md @@ -3,13 +3,13 @@ title: Elastic Database Jobs (preview) description: 'Configure Elastic Database Jobs (preview) to run Transact-SQL (T-SQL) scripts across a set of one or more databases in Azure SQL Database' services: sql-database ms.service: sql-database -ms.subservice: scale-out +ms.subservice: elastic-jobs ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: conceptual author: srinia ms.author: srinia -ms.reviewer: sstein +ms.reviewer: mathoma ms.date: 12/18/2018 --- # Create, configure, and manage elastic jobs (preview) diff --git a/azure-sql/database/elastic-jobs-powershell-create.md b/azure-sql/database/elastic-jobs-powershell-create.md index f51aa66585f..29f84b79a78 100644 --- a/azure-sql/database/elastic-jobs-powershell-create.md +++ b/azure-sql/database/elastic-jobs-powershell-create.md @@ -3,13 +3,13 @@ title: Create an Elastic Job agent using PowerShell (preview) description: Learn how to create an Elastic Job agent using PowerShell. services: sql-database ms.service: sql-database -ms.subservice: scale-out +ms.subservice: elastic-jobs ms.custom: seo-lt-2019, devx-track-azurepowershell ms.devlang: ms.topic: tutorial -author: johnpaulkee -ms.author: joke -ms.reviwer: sstein +author: srinia +ms.author: srinia +ms.reviewer: mathoma ms.date: 10/21/2020 --- # Create an Elastic Job agent using PowerShell (preview) diff --git a/azure-sql/database/elastic-jobs-tsql-create-manage.md b/azure-sql/database/elastic-jobs-tsql-create-manage.md index d33a29803b2..4e51435d543 100644 --- a/azure-sql/database/elastic-jobs-tsql-create-manage.md +++ b/azure-sql/database/elastic-jobs-tsql-create-manage.md @@ -3,15 +3,15 @@ title: Create and manage Elastic Database Jobs (preview) with Transact-SQL (T-SQ description: Run scripts across many databases with Elastic Database Job agent using Transact-SQL (T-SQL). services: sql-database ms.service: sql-database -ms.subservice: scale-out +ms.subservice: elastic-jobs ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: dev_langs: - "TSQL" ms.topic: how-to -ms.author: jaredmoo -author: jaredmoo -ms.reviewer: sstein +author: srinia +ms.author: srinia +ms.reviewer: mathoma ms.date: 02/01/2021 --- # Use Transact-SQL (T-SQL) to create and manage Elastic Database Jobs (preview) diff --git a/azure-sql/database/elastic-pool-manage.md b/azure-sql/database/elastic-pool-manage.md index d63813e011f..a8e6700fd5b 100644 --- a/azure-sql/database/elastic-pool-manage.md +++ b/azure-sql/database/elastic-pool-manage.md @@ -5,9 +5,9 @@ services: sql-database ms.service: sql-database ms.subservice: elastic-pools ms.topic: conceptual -author: oslake -ms.author: moslake -ms.reviewer: sstein +author: arvindshmicrosoft +ms.author: arvindsh +ms.reviewer: mathoma ms.date: 03/12/2019 ms.custom: seoapril2019 sqldbrb=1, devx-track-azurecli --- diff --git a/azure-sql/database/elastic-pool-overview.md b/azure-sql/database/elastic-pool-overview.md index 7e8c302a289..0261600151f 100644 --- a/azure-sql/database/elastic-pool-overview.md +++ b/azure-sql/database/elastic-pool-overview.md @@ -7,9 +7,9 @@ ms.subservice: elastic-pools ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: oslake -ms.author: moslake -ms.reviewer: ninarn, sstein +author: arvindshmicrosoft +ms.author: arvindsh +ms.reviewer: mathoma ms.date: 12/9/2020 --- # Elastic pools help you manage and scale multiple databases in Azure SQL Database diff --git a/azure-sql/database/elastic-pool-scale.md b/azure-sql/database/elastic-pool-scale.md index 85edc27fa6f..0adf74afa81 100644 --- a/azure-sql/database/elastic-pool-scale.md +++ b/azure-sql/database/elastic-pool-scale.md @@ -7,9 +7,9 @@ ms.subservice: elastic-pools ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: oslake -ms.author: moslake -ms.reviewer: sstein +author: arvindshmicrosoft +ms.author: arvindsh +ms.reviewer: mathoma ms.date: 04/09/2021 --- # Scale elastic pool resources in Azure SQL Database diff --git a/azure-sql/database/elastic-query-getting-started-vertical.md b/azure-sql/database/elastic-query-getting-started-vertical.md index f7b6458e972..70837f48d5a 100644 --- a/azure-sql/database/elastic-query-getting-started-vertical.md +++ b/azure-sql/database/elastic-query-getting-started-vertical.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 01/25/2019 --- # Get started with cross-database queries (vertical partitioning) (preview) diff --git a/azure-sql/database/elastic-scale-add-a-shard.md b/azure-sql/database/elastic-scale-add-a-shard.md index d11e47e1bf9..d67808a73f6 100644 --- a/azure-sql/database/elastic-scale-add-a-shard.md +++ b/azure-sql/database/elastic-scale-add-a-shard.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 01/03/2019 --- # Adding a shard using Elastic Database tools diff --git a/azure-sql/database/elastic-scale-configure-deploy-split-and-merge.md b/azure-sql/database/elastic-scale-configure-deploy-split-and-merge.md index f9dc6479e2e..67dd7fe7f86 100644 --- a/azure-sql/database/elastic-scale-configure-deploy-split-and-merge.md +++ b/azure-sql/database/elastic-scale-configure-deploy-split-and-merge.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 12/04/2018 --- # Deploy a split-merge service to move data between sharded databases diff --git a/azure-sql/database/elastic-scale-data-dependent-routing.md b/azure-sql/database/elastic-scale-data-dependent-routing.md index b967a2d5607..eb882eea65f 100644 --- a/azure-sql/database/elastic-scale-data-dependent-routing.md +++ b/azure-sql/database/elastic-scale-data-dependent-routing.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 01/25/2019 --- # Use data-dependent routing to route a query to an appropriate database diff --git a/azure-sql/database/elastic-scale-faq.md b/azure-sql/database/elastic-scale-faq.md index 895eb3b60b4..2a6d92d874d 100644 --- a/azure-sql/database/elastic-scale-faq.md +++ b/azure-sql/database/elastic-scale-faq.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 01/25/2019 --- # Elastic database tools frequently asked questions (FAQ) diff --git a/azure-sql/database/elastic-scale-get-started.md b/azure-sql/database/elastic-scale-get-started.md index b276610ce9f..80e705f4f1f 100644 --- a/azure-sql/database/elastic-scale-get-started.md +++ b/azure-sql/database/elastic-scale-get-started.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to -author: anumjs -ms.author: anjangsh -ms.reviewer: sstein +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 01/25/2019 --- # Get started with Elastic Database Tools diff --git a/azure-sql/database/elastic-scale-glossary.md b/azure-sql/database/elastic-scale-glossary.md index fc130713e55..32f2be7359e 100644 --- a/azure-sql/database/elastic-scale-glossary.md +++ b/azure-sql/database/elastic-scale-glossary.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 12/04/2018 --- # Elastic Database tools glossary diff --git a/azure-sql/database/elastic-scale-introduction.md b/azure-sql/database/elastic-scale-introduction.md index bd51328d74f..0af65b72923 100644 --- a/azure-sql/database/elastic-scale-introduction.md +++ b/azure-sql/database/elastic-scale-introduction.md @@ -6,8 +6,9 @@ ms.service: sql-database ms.subservice: scale-out ms.topic: conceptual ms.custom: sqldbrb=1 -author: stevestein -ms.author: sstein +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 01/25/2019 --- # Scaling out with Azure SQL Database diff --git a/azure-sql/database/elastic-scale-manage-credentials.md b/azure-sql/database/elastic-scale-manage-credentials.md index 5b4f7c8c528..074e26a6866 100644 --- a/azure-sql/database/elastic-scale-manage-credentials.md +++ b/azure-sql/database/elastic-scale-manage-credentials.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 01/03/2019 --- # Credentials used to access the Elastic Database client library diff --git a/azure-sql/database/elastic-scale-multishard-querying.md b/azure-sql/database/elastic-scale-multishard-querying.md index 22bcecfee50..523b0b7581c 100644 --- a/azure-sql/database/elastic-scale-multishard-querying.md +++ b/azure-sql/database/elastic-scale-multishard-querying.md @@ -6,8 +6,9 @@ ms.service: sql-database ms.subservice: scale-out ms.topic: how-to ms.custom: sqldbrb=1 -author: stevestein -ms.author: sstein +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 01/25/2019 --- # Multi-shard querying using elastic database tools diff --git a/azure-sql/database/elastic-scale-overview-split-and-merge.md b/azure-sql/database/elastic-scale-overview-split-and-merge.md index dee4f6b5533..f146fa7a187 100644 --- a/azure-sql/database/elastic-scale-overview-split-and-merge.md +++ b/azure-sql/database/elastic-scale-overview-split-and-merge.md @@ -4,12 +4,12 @@ description: Explains how to manipulate shards and move data via a self-hosted s services: sql-database ms.service: sql-database ms.subservice: scale-out -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 03/12/2019 --- # Moving data between scaled-out cloud databases @@ -277,4 +277,4 @@ You do not need to provision a new metadata database for split-merge to upgrade. [1]:./media/elastic-scale-overview-split-and-merge/split-merge-overview.png [2]:./media/elastic-scale-overview-split-and-merge/diagnostics.png -[3]:./media/elastic-scale-overview-split-and-merge/diagnostics-config.png \ No newline at end of file +[3]:./media/elastic-scale-overview-split-and-merge/diagnostics-config.png diff --git a/azure-sql/database/elastic-scale-shard-map-management.md b/azure-sql/database/elastic-scale-shard-map-management.md index 8f0ef5f9229..09c1d3d97d3 100644 --- a/azure-sql/database/elastic-scale-shard-map-management.md +++ b/azure-sql/database/elastic-scale-shard-map-management.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 01/25/2019 --- # Scale out databases with the shard map manager diff --git a/azure-sql/database/elastic-scale-upgrade-client-library.md b/azure-sql/database/elastic-scale-upgrade-client-library.md index 01d9d119151..55ca5b06f38 100644 --- a/azure-sql/database/elastic-scale-upgrade-client-library.md +++ b/azure-sql/database/elastic-scale-upgrade-client-library.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 01/03/2019 --- # Upgrade an app to use the latest elastic database client library diff --git a/azure-sql/database/elastic-scale-use-entity-framework-applications-visual-studio.md b/azure-sql/database/elastic-scale-use-entity-framework-applications-visual-studio.md index a17c474df56..d8e09dd7013 100644 --- a/azure-sql/database/elastic-scale-use-entity-framework-applications-visual-studio.md +++ b/azure-sql/database/elastic-scale-use-entity-framework-applications-visual-studio.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: sqldbrb=1 ms.devlang: ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 01/04/2019 --- # Elastic Database client library with Entity Framework diff --git a/azure-sql/database/elastic-scale-working-with-dapper.md b/azure-sql/database/elastic-scale-working-with-dapper.md index c3e9351db7e..399eae3655b 100644 --- a/azure-sql/database/elastic-scale-working-with-dapper.md +++ b/azure-sql/database/elastic-scale-working-with-dapper.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 12/04/2018 --- # Using the elastic database client library with Dapper diff --git a/azure-sql/database/elastic-transactions-overview.md b/azure-sql/database/elastic-transactions-overview.md index e985ba360eb..9b6c662db99 100644 --- a/azure-sql/database/elastic-transactions-overview.md +++ b/azure-sql/database/elastic-transactions-overview.md @@ -7,9 +7,9 @@ ms.subservice: scale-out ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 03/12/2019 --- # Distributed transactions across cloud databases (preview) diff --git a/azure-sql/database/failover-group-add-elastic-pool-tutorial.md b/azure-sql/database/failover-group-add-elastic-pool-tutorial.md index 01b5b5e44b0..e5179789ab1 100644 --- a/azure-sql/database/failover-group-add-elastic-pool-tutorial.md +++ b/azure-sql/database/failover-group-add-elastic-pool-tutorial.md @@ -7,9 +7,9 @@ ms.subservice: high-availability ms.custom: seo-lt-2019 sqldbrb=1, devx-track-azurecli ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein -ms.reviewer: +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 08/27/2019 --- # Tutorial: Add an Azure SQL Database elastic pool to a failover group diff --git a/azure-sql/database/failover-group-add-single-database-tutorial.md b/azure-sql/database/failover-group-add-single-database-tutorial.md index 217b663208a..c32ed572965 100644 --- a/azure-sql/database/failover-group-add-single-database-tutorial.md +++ b/azure-sql/database/failover-group-add-single-database-tutorial.md @@ -7,9 +7,9 @@ ms.subservice: high-availability ms.custom: sqldbrb=1, devx-track-azurecli ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein -ms.reviewer: +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 06/19/2019 --- # Tutorial: Add an Azure SQL Database to an autofailover group diff --git a/azure-sql/database/features-comparison.md b/azure-sql/database/features-comparison.md index a48787aff05..177f2602334 100644 --- a/azure-sql/database/features-comparison.md +++ b/azure-sql/database/features-comparison.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Database & SQL Managed Instance description: This article compares the database engine features of Azure SQL Database and Azure SQL Managed Instance services: sql-database ms.service: sql-db-mi -ms.subservice: features +ms.subservice: service-overview ms.custom: ms.devlang: ms.topic: conceptual author: danimir ms.author: danil -ms.reviewer: bonova, sstein, danil +ms.reviewer: bonova, mathoma, danil ms.date: 05/18/2021 --- @@ -31,6 +31,7 @@ If you need more details about the differences, you can find them in the separat - [Azure SQL Database vs. SQL Server differences](transact-sql-tsql-differences-sql-server.md) - [Azure SQL Managed Instance vs. SQL Server differences](../managed-instance/transact-sql-tsql-differences-sql-server.md) + ## Features of SQL Database and SQL Managed Instance The following table lists the major features of SQL Server and provides information about whether the feature is partially or fully supported in Azure SQL Database and Azure SQL Managed Instance, with a link to more information about the feature. @@ -148,6 +149,7 @@ The Azure platform provides a number of PaaS capabilities that are added as an a | [VNet](../../virtual-network/virtual-networks-overview.md) | Partial, it enables restricted access using [VNet Endpoints](vnet-service-endpoint-rule-overview.md) | Yes, SQL Managed Instance is injected in customer's VNet. See [subnet](../managed-instance/transact-sql-tsql-differences-sql-server.md#subnet) and [VNet](../managed-instance/transact-sql-tsql-differences-sql-server.md#vnet) | | VNet Service endpoint | [Yes](vnet-service-endpoint-rule-overview.md) | No | | VNet Global peering | Yes, using [Private IP and service endpoints](vnet-service-endpoint-rule-overview.md) | Yes, using [Virtual network peering](https://techcommunity.microsoft.com/t5/azure-sql/new-feature-global-vnet-peering-support-for-azure-sql-managed/ba-p/1746913). | +| [Private connectivity](../../private-link/private-link-overview.md) | Yes, using [Private Link](/database/private-endpoint-overview.md) | Yes, using VNet. | ## Tools @@ -168,7 +170,7 @@ Azure SQL Database and Azure SQL Managed Instance support various data tools tha | [SQL Server Management Studio (SSMS)](/sql/ssms/download-sql-server-management-studio-ssms) | Yes | Yes [version 18.0 and higher](/sql/ssms/download-sql-server-management-studio-ssms) | | [SQL Server PowerShell](/sql/relational-databases/scripting/sql-server-powershell) | Yes | Yes | | [SQL Server Profiler](/sql/tools/sql-server-profiler/sql-server-profiler) | No - see [Extended events](xevent-db-diff-from-svr.md) | Yes | -| [System Center Operations Manager (SCOM)](/system-center/scom/welcome) | [Yes](https://www.microsoft.com/download/details.aspx?id=38829) | [Yes](https://www.microsoft.com/en-us/download/details.aspx?id=101203) | +| [System Center Operations Manager](/system-center/scom/welcome) | [Yes](https://www.microsoft.com/download/details.aspx?id=38829) | [Yes](https://www.microsoft.com/en-us/download/details.aspx?id=101203) | ## Migration methods diff --git a/azure-sql/database/file-space-manage.md b/azure-sql/database/file-space-manage.md index 59c737cbd48..c6602f3dd3c 100644 --- a/azure-sql/database/file-space-manage.md +++ b/azure-sql/database/file-space-manage.md @@ -4,13 +4,13 @@ description: This page describes how to manage file space with single and pooled services: sql-database ms.service: sql-database ms.subservice: operations -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: ms.topic: conceptual author: oslake ms.author: moslake ms.reviewer: jrasnick, sstein -ms.date: 12/22/2020 +ms.date: 05/28/2021 --- # Manage file space for databases in Azure SQL Database [!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] @@ -32,7 +32,7 @@ Monitoring file space usage and shrinking data files may be necessary in the fol ### Monitoring file space usage -Most storage space metrics displayed in the Azure portal and the following APIs only measure the size of used data pages: +Most storage space metrics displayed in the following APIs only measure the size of used data pages: - Azure Resource Manager based metrics APIs including PowerShell [get-metrics](/powershell/module/az.monitor/get-azmetric) - T-SQL: [sys.dm_db_resource_stats](/sql/relational-databases/system-dynamic-management-views/sys-dm-db-resource-stats-azure-sql-database) @@ -46,8 +46,15 @@ However, the following APIs also measure the size of space allocated for databas Azure SQL Database does not automatically shrink data files to reclaim unused allocated space due to the potential impact to database performance. However, customers may shrink data files via self-service at a time of their choosing by following the steps described in [reclaim unused allocated space](#reclaim-unused-allocated-space). -> [!NOTE] -> Unlike data files, Azure SQL Database automatically shrinks log files since that operation does not impact database performance. +### Shrinking transaction log file + +Unlike data files, Azure SQL Database automatically shrinks transaction log file to avoid excessive space usage that can lead to out-of-space errors. It is usually not necessary for customers to shrink the transaction log file. + +In Premium and Business Critical service tiers, if the transaction log becomes large, it may significantly contribute to local storage consumption toward the [maximum local storage](resource-limits-logical-server.md#storage-space-governance) limit. If local storage consumption is close to the limit, customers may choose to shrink transaction log using the [DBCC SHRINKFILE](/sql/t-sql/database-console-commands/dbcc-shrinkfile-transact-sql) command as shown in the following example. This releases local storage as soon as the command completes, without waiting for the periodic automatic shrink operation. + +```tsql +DBCC SHRINKFILE (2); +``` ## Understanding types of storage space for a database @@ -55,7 +62,7 @@ Understanding the following storage space quantities are important for managing |Database quantity|Definition|Comments| |---|---|---| -|**Data space used**|The amount of space used to store database data in 8 KB pages.|Generally, space used increases (decreases) on inserts (deletes). In some cases, the space used does not change on inserts or deletes depending on the amount and pattern of data involved in the operation and any fragmentation. For example, deleting one row from every data page does not necessarily decrease the space used.| +|**Data space used**|The amount of space used to store database data.|Generally, space used increases (decreases) on inserts (deletes). In some cases, the space used does not change on inserts or deletes depending on the amount and pattern of data involved in the operation and any fragmentation. For example, deleting one row from every data page does not necessarily decrease the space used.| |**Data space allocated**|The amount of formatted file space made available for storing database data.|The amount of space allocated grows automatically, but never decreases after deletes. This behavior ensures that future inserts are faster since space does not need to be reformatted.| |**Data space allocated but unused**|The difference between the amount of data space allocated and data space used.|This quantity represents the maximum amount of free space that can be reclaimed by shrinking database data files.| |**Data max size**|The maximum amount of space that can be used for storing database data.|The amount of data space allocated cannot grow beyond the data max size.| @@ -217,21 +224,22 @@ For more information about this command, see [SHRINKDATABASE](/sql/t-sql/databas ### Auto-shrink -Alternatively, auto shrink can be enabled for a database. Auto shrink reduces file management complexity and is less impactful to database performance than `SHRINKDATABASE` or `SHRINKFILE`. Auto shrink can be particularly helpful for managing elastic pools with many databases. However, auto shrink can be less effective in reclaiming file space than `SHRINKDATABASE` and `SHRINKFILE`. -By default, Auto Shrink is disabled as recommended for most databases. For more information, see [Considerations for AUTO_SHRINK](/troubleshoot/sql/admin/considerations-autogrow-autoshrink#considerations-for-auto_shrink). +Alternatively, auto-shrink can be enabled for a database. Auto-shrink reduces file management complexity and is less impactful to database performance than `SHRINKDATABASE` or `SHRINKFILE`. Auto-shrink can be particularly helpful in managing elastic pools with many databases that experience significant growth and reduction in space used. However, auto shrink can be less effective in reclaiming file space than `SHRINKDATABASE` and `SHRINKFILE`. + +By default, auto-shrink is disabled, which is recommended for most databases. If it becomes necessary to enable auto-shrink, it is recommended to disable it once space management goals have been achieved, instead of keeping it enabled permanently. For more information, see [Considerations for AUTO_SHRINK](/troubleshoot/sql/admin/considerations-autogrow-autoshrink#considerations-for-auto_shrink). -To enable auto shrink, modify the name of the database in the following command. +To enable auto-shrink, execute the following command in your database (not in the master database). ```sql --- Enable auto-shrink for the database. -ALTER DATABASE [db1] SET AUTO_SHRINK ON; +-- Enable auto-shrink for the current database. +ALTER DATABASE CURRENT SET AUTO_SHRINK ON; ``` For more information about this command, see [DATABASE SET](/sql/t-sql/statements/alter-database-transact-sql-set-options) options. ### Rebuild indexes -After database data files are shrunk, indexes may become fragmented and lose their performance optimization effectiveness. If performance degradation occurs, then consider rebuilding database indexes. For more information on fragmentation and rebuilding indexes, see [Reorganize and Rebuild Indexes](/sql/relational-databases/indexes/reorganize-and-rebuild-indexes). +After data files are shrunk, indexes may become fragmented and lose their performance optimization effectiveness. If performance degradation occurs, consider rebuilding database indexes. For more information on fragmentation and index maintenance, see [Optimize index maintenance to improve query performance and reduce resource consumption](/sql/relational-databases/indexes/reorganize-and-rebuild-indexes). ## Next steps @@ -241,4 +249,4 @@ After database data files are shrunk, indexes may become fragmented and lose the - [Azure SQL Database vCore-based purchasing model limits for elastic pools](resource-limits-vcore-elastic-pools.md) - [Resources limits for elastic pools using the DTU-based purchasing model](resource-limits-dtu-elastic-pools.md) - For more information about the `SHRINKDATABASE` command, see [SHRINKDATABASE](/sql/t-sql/database-console-commands/dbcc-shrinkdatabase-transact-sql). -- For more information on fragmentation and rebuilding indexes, see [Reorganize and Rebuild Indexes](/sql/relational-databases/indexes/reorganize-and-rebuild-indexes). \ No newline at end of file +- For more information on fragmentation and rebuilding indexes, see [Reorganize and Rebuild Indexes](/sql/relational-databases/indexes/reorganize-and-rebuild-indexes). diff --git a/azure-sql/database/firewall-configure.md b/azure-sql/database/firewall-configure.md index 85ea700535a..1f3c2e5298c 100644 --- a/azure-sql/database/firewall-configure.md +++ b/azure-sql/database/firewall-configure.md @@ -5,7 +5,7 @@ services: sql-database ms.service: sql-database ms.subservice: security titleSuffix: Azure SQL Database and Azure Synapse Analytics -ms.custom: sqldbrb=1, devx-track-azurecli +ms.custom: sqldbrb=1, devx-track-azurecli, devx-track-azurepowershell ms.devlang: ms.topic: conceptual author: VanMSFT diff --git a/azure-sql/database/firewall-create-server-level-portal-quickstart.md b/azure-sql/database/firewall-create-server-level-portal-quickstart.md index c0fe13f075f..2167a56acc0 100644 --- a/azure-sql/database/firewall-create-server-level-portal-quickstart.md +++ b/azure-sql/database/firewall-create-server-level-portal-quickstart.md @@ -7,9 +7,9 @@ ms.subservice: security ms.custom: sqldbrb=1 ms.devlang: ms.topic: quickstart -author: sachinpMSFT -ms.author: sachinp -ms.reviewer: vanto, sstein +author: rohitnayakmsft +ms.author: rohitna +ms.reviewer: mathoma, vanto ms.date: 02/11/2019 --- # Quickstart: Create a server-level firewall rule using the Azure portal diff --git a/azure-sql/database/gateway-migration.md b/azure-sql/database/gateway-migration.md index d9e77953401..faa2afd79c5 100644 --- a/azure-sql/database/gateway-migration.md +++ b/azure-sql/database/gateway-migration.md @@ -3,12 +3,12 @@ title: Gateway traffic migration notice description: Article provides notice to users about the migration of Azure SQL Database gateway IP addresses services: sql-database ms.service: sql-db-mi -ms.subservice: service +ms.subservice: service-overview ms.custom: sqldbrb=1  ms.topic: conceptual author: rohitnayakmsft ms.author: rohitna -ms.reviewer: vanto +ms.reviewer: vanto, mathoma ms.date: 07/01/2019 --- # Azure SQL Database traffic migration to newer Gateways @@ -26,7 +26,7 @@ The most up-to-date information will be maintained in the [Azure SQL Database ga ## June 2021 New SQL Gateways are being added to the following regions: - UK West: 51.140.208.96, 51.140.208.97 -- Korea Central US: 20.44.24.32, 20.194.64.33 +- Korea Central: 20.44.24.32, 20.194.64.33 - Japan East: 13.78.104.32 This SQL Gateway shall start accepting customer traffic on 1 June 2021. @@ -86,12 +86,12 @@ New SQL Gateways are being added to the following regions: - Australia Central 2: 20.36.112.6 - Brazil South: 191.234.144.16 ,191.234.152.3 - Canada East: 40.69.105.9 ,40.69.105.10 -- India Central: 104.211.86.30 , 104.211.86.31 +- Central India: 104.211.86.30 , 104.211.86.31 - East Asia: 13.75.32.14 - France Central: 40.79.137.8, 40.79.145.12 - France South: 40.79.177.10 ,40.79.177.12 - Korea Central: 52.231.17.22 ,52.231.17.23 -- India West: 104.211.144.4 +- West India: 104.211.144.4 These SQL Gateways shall start accepting customer traffic on 31 January 2021. @@ -194,4 +194,4 @@ If the above mitigation doesn't work, file a support request for SQL Database or ## Next steps -- Find out more about [Azure SQL Connectivity Architecture](connectivity-architecture.md) \ No newline at end of file +- Find out more about [Azure SQL Connectivity Architecture](connectivity-architecture.md) diff --git a/azure-sql/database/geo-distributed-application-configure-tutorial.md b/azure-sql/database/geo-distributed-application-configure-tutorial.md index 41c46eb66b0..8874432b892 100644 --- a/azure-sql/database/geo-distributed-application-configure-tutorial.md +++ b/azure-sql/database/geo-distributed-application-configure-tutorial.md @@ -7,9 +7,9 @@ ms.subservice: high-availability ms.custom: sqldbrb=1, devx-track-azurecli, devx-track-azurepowershell ms.devlang: ms.topic: conceptual -author: anosov1960 -ms.author: sashan -ms.reviewer: mathoma, sstein +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 03/12/2019 --- # Tutorial: Implement a geo-distributed database (Azure SQL Database) diff --git a/azure-sql/database/how-to-content-reference-guide.md b/azure-sql/database/how-to-content-reference-guide.md index 9c82da2f6a9..e01344dfd10 100644 --- a/azure-sql/database/how-to-content-reference-guide.md +++ b/azure-sql/database/how-to-content-reference-guide.md @@ -3,13 +3,12 @@ title: Configure & manage content reference description: Find a reference of content that teaches you to configure and manage Azure SQL Database. services: sql-database ms.service: sql-database -ms.subservice: single-database +ms.subservice: deployment-configuration ms.custom: sqldbrb=1 ms.devlang: ms.topic: guide -author: jovanpop-msft -ms.author: jovanpop -ms.reviewer: sstein +author: MashaMSFT +ms.author: mathoma ms.date: 01/14/2020 --- # Configure and manage content reference - Azure SQL Database diff --git a/azure-sql/database/hyperscale-performance-diagnostics.md b/azure-sql/database/hyperscale-performance-diagnostics.md index e5873330564..9c37da5ccc4 100644 --- a/azure-sql/database/hyperscale-performance-diagnostics.md +++ b/azure-sql/database/hyperscale-performance-diagnostics.md @@ -3,12 +3,12 @@ title: Performance diagnostics in Hyperscale description: This article describes how to troubleshoot Hyperscale performance problems in Azure SQL Database. services: sql-database ms.service: sql-database -ms.subservice: service +ms.subservice: performance ms.custom: seo-lt-2019 sqldbrb=1 ms.topic: troubleshooting author: denzilribeiro ms.author: denzilr -ms.reviewer: sstein +ms.reviewer: mathoma ms.date: 10/18/2019 --- diff --git a/azure-sql/database/index.yml b/azure-sql/database/index.yml index 7bab8f77d4c..a8ba4caae62 100644 --- a/azure-sql/database/index.yml +++ b/azure-sql/database/index.yml @@ -8,10 +8,10 @@ metadata: description: Find documentation about Azure SQL Database, a platform-as-a-service (PaaS) based on the latest stable version of Microsoft SQL Server. services: sql-database ms.service: sql-database - ms.subservice: single-database + ms.subservice: service-overview ms.topic: landing-page - author: stevestein - ms.author: sstein + author: MashaMSFT + ms.author: mathoma ms.reviewer: ms.date: 01/25/2021 diff --git a/azure-sql/database/job-automation-managed-instances.md b/azure-sql/database/job-automation-managed-instances.md index 1f69c31b3c5..42426119d40 100644 --- a/azure-sql/database/job-automation-managed-instances.md +++ b/azure-sql/database/job-automation-managed-instances.md @@ -3,7 +3,7 @@ title: Job automation with SQL Agent jobs in Azure SQL Managed Instance description: 'Automation options to run Transact-SQL (T-SQL) scripts in Azure SQL Managed Instance' services: sql-database ms.service: sql-db-mi -ms.subservice: features +ms.subservice: deployment-configuration ms.custom: sqldbrb=1 dev_langs: - TSQL diff --git a/azure-sql/database/ledger-append-only-ledger-tables.md b/azure-sql/database/ledger-append-only-ledger-tables.md new file mode 100644 index 00000000000..2a68a5d7f54 --- /dev/null +++ b/azure-sql/database/ledger-append-only-ledger-tables.md @@ -0,0 +1,60 @@ +--- +title: "Azure SQL Database append-only ledger tables" +description: This article provides information on append-only ledger table schema and views in Azure SQL Database +ms.custom: "" +ms.date: "05/25/2021" +ms.service: sql-database +ms.subservice: security +ms.reviewer: vanto +ms.topic: conceptual +author: JasonMAnderson +ms.author: janders +--- + +# Azure SQL Database append-only ledger tables + +[!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] + +> [!NOTE] +> Azure SQL Database ledger is currently in **public preview**. + +Append-only ledger tables allow only `INSERT` operations on your tables, ensuring that privileged users such as Database Administrators (DBAs) can't alter data through traditional [Data Manipulation Language (DML)](/sql/t-sql/queries/queries) operations. Append-only ledger tables are ideal for systems that don't update or delete records, such as Security Information Event and Management (SIEM) systems, or blockchain systems where data needs to be replicated from the blockchain to a database. Since there are no `UPDATE` or `DELETE` operations on an append-only table, there's no need for a corresponding history table as there is with [Updatable ledger tables](ledger-updatable-ledger-tables.md). + +:::image type="content" source="media/ledger/ledger-table-architecture-append-only.png" alt-text="architecture of ledger tables"::: + +Creating an append-only ledger table can be done through specifying the `LEDGER = ON` argument in your [CREATE TABLE (Transact-SQL)](/sql/t-sql/statements/create-table-transact-sql) statement and specifying the `APPEND_ONLY = ON` option. + +> [!IMPORTANT] +> Once a table has been created as ledger table, it cannot be reverted back to a table that does not have ledger functionality. This is to ensure an attacker cannot temporarily remove ledger capabilities, make changes to the table, and then re-enable ledger functionality. + +### Append-only ledger table schema + +An append-only table needs to have the following [GENERATED ALWAYS](/sql/t-sql/statements/create-table-transact-sql#generate-always-columns) columns that contain metadata noting which transactions made changes to the table and the order of operations by which rows were updated by the transaction. When creating an append-only ledger table, `GENERATED ALWAYS` columns will be created in your ledger table. This data is useful for forensics purposes in understanding how data was inserted over time. + +If you do not specify the definitions of the `GENERATED ALWAYS` columns in the [CREATE TABLE](/sql/t-sql/statements/create-table-transact-sql) statement, the system will automatically add them, using the below default names. + +| Default column name | Data type | Description | +|--|--|--| +| ledger_start_transaction_id | bigint | The ID of the transaction that created a row version. | +| ledger_start_sequence_number | bigint | The sequence number of an operation within a transaction that created a row version. | + +## Ledger view + +For every append-only ledger table, the system automatically generates a view, called the ledger view. The ledger view reports all row inserts that have occurred on the table. The ledger view is primarily helpful for [updatable ledger tables](ledger-updatable-ledger-tables.md), rather than append-only ledger tables, as append-only ledger tables don't have any `UPDATE` or `DELETE` capabilities. The ledger view for append-only ledger tables is available for consistency between both updatable and append-only ledger tables. + +### Ledger view schema + +> [!NOTE] +> The ledger view column names can be customized when creating the table using the `` parameter with the [CREATE TABLE (Transact-SQL)](/sql/t-sql/statements/create-table-transact-sql?view=azuresqldb-current&preserve-view=true) statement. For more information, see [ledger view options](/sql/t-sql/statements/create-table-transact-sql?view=azuresqldb-current&preserve-view=true#ledger-view-options) and the corresponding examples in [CREATE TABLE (Transact-SQL)](/sql/t-sql/statements/create-table-transact-sql?view=azuresqldb-current&preserve-view=true). + +| Default column name | Data type | Description | +| --- | --- | --- | +| ledger_transaction_id | bigint | The ID of the transaction that created or deleted a row version. | +| ledger_sequence_number | bigint | The sequence number of a row-level operation within the transaction on the table. | +| ledger_operation_type_id | tinyint | Contains `0` (**INSERT**) or `1` (**DELETE**). Inserting a row into the ledger table produces a new row in the ledger view containing `0` in this column. Deleting a row from the ledger table produces a new row in the ledger view containing `1` in this column. Updating a row in the ledger table produces two new rows in the ledger view. One row contains `1` (**DELETE**) and the other row contains `1` (**INSERT**) in this column. A DELETE should not occur on an append-only ledger table. | +| ledger_operation_type_desc | nvarchar(128) | Contains `INSERT` or `DELETE`. See above for details. | + +## Next steps + +- [Create and use append-only ledger tables](ledger-how-to-append-only-ledger-tables.md) +- [Create and use updatable ledger tables](ledger-how-to-updatable-ledger-tables.md) diff --git a/azure-sql/database/ledger-audit.md b/azure-sql/database/ledger-audit.md new file mode 100644 index 00000000000..08c83985fe4 --- /dev/null +++ b/azure-sql/database/ledger-audit.md @@ -0,0 +1,122 @@ +--- +title: "Azure SQL Database audit events with ledger-enabled tables" +description: Overview of Azure SQL Database ledger auditing capabilities +ms.custom: "" +ms.date: "05/25/2021" +ms.service: sql-database +ms.subservice: security +ms.reviewer: vanto +ms.topic: conceptual +author: JasonMAnderson +ms.author: janders +--- + +# Azure SQL Database audit events with ledger-enabled tables + +[!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] + +> [!NOTE] +> Azure SQL Database ledger is currently in **public preview**. + +When performing forensics activities with ledger-enabled tables, in addition to the data captured in the ledger view and database ledger, additional action IDs are added to the SQL audit logs. The following table outlines these new audit logging events along with the conditions that trigger the events. + +## Enable ledger + +| Column | Value | +|--|--| +| **action_id** | ENLR | +| **name** | ENABLE LEDGER | +| **class_desc** | OBJECT | +| **covering_action_desc** | NULL | +| **parent_class_desc** | DATABASE | +| **covering_parent_action_name** | LEDGER_OPERATION_GROUP | +| **configuration_level** | NULL | +| **configuration_group_name** | LEDGER_OPERATION_GROUP | +| **action_in_log** | 1 | + +**Condition triggering the event**: Creating a new ledger table or converting a regular table to a ledger table. + +## Alter ledger + +| Column | Value | +|--|--| +| **action_id** | ALLR | +| **name** | ALTER LEDGER | +| **class_desc** | OBJECT | +| **covering_action_desc** | NULL | +| **parent_class_desc** | DATABASE | +| **covering_parent_action_name** | LEDGER_OPERATION_GROUP | +| **configuration_level** | NULL | +| **configuration_group_name** | LEDGER_OPERATION_GROUP | +| **action_in_log** | 1 | + +**Condition triggering the event**: Dropping or renaming a ledger table, converting a ledger table to a normal table, adding, dropping or renaming a column in a ledger table. + + +## Generate ledger digest + +| Column | Value | +|--|--| +| **action_id** | GDLR | +| **name** | GENERATE LEDGER DIGEST | +| **class_desc** | DATABASE | +| **covering_action_desc** | LEDGER_OPERATION_GROUP | +| **parent_class_desc** | SERVER | +| **covering_parent_action_name** | LEDGER_OPERATION_GROUP | +| **configuration_level** | NULL | +| **configuration_group_name** | LEDGER_OPERATION_GROUP | +| **action_in_log** | 1 | + +**Condition triggering the event**: Generating a ledger digest. + +## Verify ledger + +| Column | Value | +|--|--| +| **action_id** | VFLR | +| **name** | VERIFY LEDGER | +| **class_desc** | DATABASE | +| **covering_action_desc** | LEDGER_OPERATION_GROUP | +| **parent_class_desc** | SERVER | +| **covering_parent_action_name** | LEDGER_OPERATION_GROUP | +| **configuration_level** | NULL | +| **configuration_group_name** | LEDGER_OPERATION_GROUP | +| **action_in_log** | 1 | + +**Condition triggering the event**: Verifying a ledger digest. + +## Ledger operation Group + +| Column | Value | +|--|--| +| **action_id** | OPLR | +| **name** | LEDGER_OPERATION_GROUP | +| **class_desc** | DATABASE | +| **covering_action_desc** | NULL | +| **parent_class_desc** | SERVER | +| **covering_parent_action_name** | NULL | +| **configuration_level** | GROUP | +| **configuration_group_name** | LEDGER_OPERATION_GROUP | +| **action_in_log** | 0 | + +**Condition triggering the event**: N/A + +| Column | Value | +|--|--| +| **action_id** | OPLR | +| **name** | LEDGER_OPERATION_GROUP | +| **class_desc** | SERVER | +| **covering_action_desc** | NULL | +| **parent_class_desc** | NULL | +| **covering_parent_action_name** | NULL | +| **configuration_level** | GROUP | +| **configuration_group_name** | LEDGER_OPERATION_GROUP | +| **action_in_log** | 0 | + +**Condition triggering the event**: N/A + +## Next steps + +- [Auditing for Azure SQL Database and Azure Synapse Analytics](auditing-overview.md) +- [Azure SQL Database ledger Overview](ledger-overview.md) +- [Quickstart: Create an Azure SQL Database with ledger enabled](ledger-create-a-single-database-with-ledger-enabled.md) diff --git a/azure-sql/database/ledger-create-a-single-database-with-ledger-enabled.md b/azure-sql/database/ledger-create-a-single-database-with-ledger-enabled.md new file mode 100644 index 00000000000..fed42185679 --- /dev/null +++ b/azure-sql/database/ledger-create-a-single-database-with-ledger-enabled.md @@ -0,0 +1,107 @@ +--- +title: Create a single database with ledger enabled +description: Create a single database in Azure SQL Database with ledger enabled using the Azure portal. +ms.service: sql-database +ms.subservice: security +ms.devlang: +ms.topic: quickstart +author: JasonMAnderson +ms.author: janders +ms.reviewer: vanto +ms.date: 05/25/2021 +--- + +# Quickstart: Create an Azure SQL Database with ledger enabled + +[!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] + +> [!NOTE] +> Azure SQL Database ledger is currently in **public preview**. + +In this quickstart, you create a [ledger database](ledger-overview.md#ledger-database) in Azure SQL Database and configure [automatic digest storage with Azure Blob storage](ledger-digest-management-and-database-verification.md#automatic-generation-and-storage-of-database-digests) using the Azure portal. For more information about ledger, see [Azure SQL Database ledger](ledger-overview.md). + +## Prerequisite + +- An active Azure subscription. If you don't have one, [create a free account](https://azure.microsoft.com/free/). + +## Create a ledger database and configure digest storage + +Create a single ledger database in the [serverless compute tier](serverless-tier-overview.md) and configure uploading ledger digests to an Azure Storage account. + +### Using the Azure portal + +To create a single database in the Azure portal, this quickstart starts at the Azure SQL page. + +1. Browse to the [Select SQL Deployment option](https://portal.azure.com/#create/Microsoft.AzureSQL) page. + +1. Under **SQL databases**, leave **Resource type** set to **Single database**, and select **Create**. + + ![Add to Azure SQL](./media/single-database-create-quickstart/select-deployment.png) + +1. On the **Basics** tab of the **Create SQL Database** form, under **Project details**, select the desired Azure **Subscription**. + +1. For **Resource group**, select **Create new**, enter *myResourceGroup*, and select **OK**. + +1. For **Database name**, enter *demo*. + +1. For **Server**, select **Create new**, and fill out the **New server** form with the following values: + - **Server name**: Enter *mysqlserver*, and add some characters for uniqueness. We can't provide an exact server name to use because server names must be globally unique for all servers in Azure, not just unique within a subscription. So enter something like mysqlserver12345, and the portal lets you know if it's available or not. + - **Server admin login**: Enter *azureuser*. + - **Password**: Enter a password that meets requirements, and enter it again in the **Confirm password** field. + - **Location**: Select a location from the dropdown list. + - Select **Allow Azure services to access this server** option to enable access to digest storage. + + Select **OK**. + +1. Leave **Want to use SQL elastic pool** set to **No**. + +1. Under **Compute + storage**, select **Configure database**. + +1. This quickstart uses a serverless database, so select **Serverless**, and then select **Apply**. + + ![configure serverless database](./media/single-database-create-quickstart/configure-database.png) + +1. On the **Networking** tab, for **Connectivity method**, select **Public endpoint**. +1. For **Firewall rules**, set **Add current client IP address** to **Yes**. Leave **Allow Azure services and resources to access this server** set to **No**. +1. Select **Next: Security** at the bottom of the page. + + :::image type="content" source="media/ledger/ledger-create-database-networking-tab.png" alt-text="Networking tab of Create Database in Azure portal"::: + +1. On the **Security** tab, in the **Ledger** section, select the **Configure ledger** option. + + :::image type="content" source="media/ledger/ledger-configure-ledger-security-tab.png" alt-text="Configure ledger in Security tab of Azure portal"::: + +1. On the **Configure ledger** pane, in the **Ledger** section, select the **Enable for all future tables in this database** checkbox. This setting ensures that all future tables in the database will be ledger tables, which means that all data in the database will be tamper evident. By default, new tables will be created as updatable ledger tables, even if you don't specify `LEDGER = ON` in [CREATE TABLE](/sql/t-sql/statements/create-table-transact-sql). Alternatively, you can leave this unselected, requiring you to enable ledger functionality on a per-table basis when creating new tables using Transact-SQL. + +1. In the **Digest storage** section, **Enable automatic digest storage** will be automatically selected, subsequently creating a new Azure Storage account and container where your digests will be stored. + +1. Click the **Apply** button. + + :::image type="content" source="media/ledger/ledger-configure-ledger-pane.png" alt-text="Configure ledger pane in Azure portal"::: + +1. Select **Review + create** at the bottom of the page: + + :::image type="content" source="media/ledger/ledger-review-security-tab.png" alt-text="Review and create ledger database in Security tab of Azure portal"::: + +1. On the **Review + create** page, after reviewing, select **Create**. + +## Clean up resources + +Keep the resource group, server, and single database to go on to the next steps, and learn how to use the ledger feature of your database with different methods. + +When you're finished using these resources, you can delete the resource group you created, which will also delete the server and single database within it. + +### Using the Azure portal + +To delete **myResourceGroup** and all its resources using the Azure portal: + +1. In the portal, search for and select **Resource groups**, and then select **myResourceGroup** from the list. +1. On the resource group page, select **Delete resource group**. +1. Under **Type the resource group name**, enter *myResourceGroup*, and then select **Delete**. + +## Next steps + +Connect and query your database using different tools and languages: + +- [Create and use updatable ledger tables](ledger-how-to-updatable-ledger-tables.md) +- [Create and use append-only ledger tables](ledger-how-to-append-only-ledger-tables.md) diff --git a/azure-sql/database/ledger-database-ledger.md b/azure-sql/database/ledger-database-ledger.md new file mode 100644 index 00000000000..b927b603f46 --- /dev/null +++ b/azure-sql/database/ledger-database-ledger.md @@ -0,0 +1,57 @@ +--- +title: "Database ledger" +description: This article provides information on ledger database tables and associated views in Azure SQL Database +ms.custom: "" +ms.date: "05/25/2021" +ms.service: sql-database +ms.subservice: security +ms.reviewer: vanto +ms.topic: conceptual +author: JasonMAnderson +ms.author: janders +--- + +# What is the database ledger + +[!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] + +> [!NOTE] +> Azure SQL Database ledger is currently in **public preview**. + +The database ledger logically uses a blockchain and [Merkle tree data structures](/archive/msdn-magazine/2018/march/blockchain-blockchain-fundamentals). The database ledger incrementally captures the state of the database as it evolves over time while updates occur on ledger tables. To achieve that, the database ledger stores an entry for every transaction, capturing metadata about the transaction such as its commit timestamp and the identity of the user that executed it, but also the Merkle tree root of the rows updated in each ledger table. These entries are then appended to a tamper-evident data structure to allow verification of integrity in the future. + +:::image type="content" source="media/ledger/merkle-tree.png" alt-text="sql ledger merkle tree"::: + +For more information on how Azure SQL Database ledger provides data integrity, see [Digest management and database verification](ledger-digest-management-and-database-verification.md). + +## Where are database transaction and block data stored? + +The data regarding transactions and blocks is physically stored as rows in two new system catalog views: + +- [**sys.database_ledger_transactions**](/sql/relational-databases/system-catalog-views/sys-database-ledger-transactions-transact-sql) - maintains a row with the information of each transaction in the ledger, including the ID of the block where this transaction belongs and the ordinal of the transaction within the block. +- [**sys.database_ledger_blocks**](/sql/relational-databases/system-catalog-views/sys-database-ledger-blocks-transact-sql) - maintains a row for every block in the ledger, including the root of the Merkle tree over the transactions within the block, and the hash of the previous block to form a blockchain. + +To view the database ledger, execute the following T-SQL statements in [SQL Server Management Studio](/sql/ssms/download-sql-server-management-studio-ssms) or [Azure Data Studio](/sql/azure-data-studio/download-azure-data-studio). + +> [!IMPORTANT] +> Viewing the database ledger requires the **VIEW LEDGER CONTENT** permission. For details on permissions related to ledger tables, see [Permissions](/sql/relational-databases/security/permissions-database-engine#asdbpermissions). + +```sql +SELECT * FROM sys.database_ledger_transactions +GO + +SELECT * FROM sys.database_ledger_blocks +GO +``` + +The below is an example of a ledger table that consists of four transactions that made-up one block in the blockchain of the database ledger. + +:::image type="content" source="media/ledger/database-ledger-1.png" alt-text="example ledger table"::: + +A block is closed every 30 seconds, or when the user manually generates a database digest through executing the [sys.sp_generate_database_ledger_digest](/sql/relational-databases/system-stored-procedures/sys-sp-generate-database-ledger-digest-transact-sql) stored procedure. When a block is closed, new transactions will be inserted in a new block. The block generation process then retrieves all transactions that belong to the *closed* block from both the in-memory queue and the [sys.database_ledger_transactions](/sql/relational-databases/system-catalog-views/sys-database-ledger-transactions-transact-sql) system catalog view, computes the Merkle tree root over these transactions and the hash of the previous block and persists the closed block in the [sys.database_ledger_blocks](/sql/relational-databases/system-catalog-views/sys-database-ledger-blocks-transact-sql) system catalog view. Since this is a regular table update, its durability is automatically guaranteed by the system. To maintain the single chain of blocks, this operation is single-threaded, but it's also efficient, as it only computes the hashes over the transaction information, and happens asynchronously, thus, not impacting the transaction performance. + +## Next steps + +- [Digest management and database verification](ledger-digest-management-and-database-verification.md) +- [Azure SQL Database ledger Overview](ledger-overview.md) +- [Security Catalog Views (Transact-SQL)](/sql/relational-databases/system-catalog-views/security-catalog-views-transact-sql) diff --git a/azure-sql/database/ledger-digest-management-and-database-verification.md b/azure-sql/database/ledger-digest-management-and-database-verification.md new file mode 100644 index 00000000000..e4e515c52a8 --- /dev/null +++ b/azure-sql/database/ledger-digest-management-and-database-verification.md @@ -0,0 +1,129 @@ +--- +title: "Digest management and database verification" +description: This article provides information on ledger database digest and database verification in Azure SQL Database +ms.custom: "" +ms.date: "05/25/2021" +ms.service: sql-database +ms.subservice: security +ms.reviewer: vanto +ms.topic: conceptual +author: JasonMAnderson +ms.author: janders +--- + +# Digest management and database verification + +[!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] + +> [!NOTE] +> Azure SQL Database ledger is currently in **public preview**. + +Azure SQL Database ledger provides a form of data integrity called forward-integrity, which provides evidence of data tampering on data in your ledger tables. For example, if a banking transaction occurs on a ledger table where a balance has been updated to value `x`, if an attacker later modifies the data, changing the balance from `x` to `y`, this tampering activity will be detected through database verification. + +The database verification process takes as input one or more previously generated database digests and recomputes the hashes stored in the database ledger based on the current state of the ledger tables. If the computed hashes don't match the input digests, the verification fails, indicating that the data has been tampered with, and reports all inconsistencies detected. + +## Database digests + +The hash of the latest block in the database ledger is known as the database digest, and represents the state of all ledger tables in the database at the time when the block was generated. Generating a database digest is efficient, since it only involves computing the hashes of the blocks that were recently appended. Database digests can be generated either automatically by the system, or manually by the user, and used later for verifying the data integrity of the database. Database digests are generated in the form of a JSON document that contains the hash of the latest block together with metadata regarding the block ID. The metadata includes the time the digest was generated and the commit timestamp of the last transaction in this block. + +The verification process and the integrity of the database depends on the integrity of the input digests. For this purpose, database digests that are extracted from the database need to be stored in trusted storages that cannot be tampered with by the high privileged users or attackers of the Azure SQL Database server. + +### Automatic generation and storage of database digests + +Azure SQL Database ledger integrates with [immutable storage for Azure Blob storage](../../storage/blobs/storage-blob-immutable-storage.md) and [Azure Confidential Ledger](/azure/confidential-ledger/), providing secure storage services in Azure to protect the database digests from potential tampering. This integration provides a simple and cost-effective way for users to automate digest management without having to worry about their availability and geographic replication. + +Configuring automatic generation and storage of database digests can be done through either the Azure portal, PowerShell, or Azure CLI. When configured, database digests are generated on a pre-defined interval of 30 seconds and uploaded to the storage service selected. If no transactions occur in the system in the 30-second interval, then a database digest won't be generated and uploaded, ensuring that database digests are only generated when data has been updated in your database. + +:::image type="content" source="media/ledger/automatic-digest-management.png" alt-text="enable digest storage"::: + +> [!IMPORTANT] +> An [immutability policy](../../storage/blobs/storage-blob-immutability-policies-manage.md) should be configured on your container after provisioning to ensure database digests are protected from tampering. + +### Manual generation and storage of database digests + +Azure SQL Database ledger also allows users to generate a database digest on demand so that they can manually store the digest in any service or device that they consider a trusted storage destination, such as an on-premises write once read many (WORM) device. Manually generating a database digest is done through executing the [sys.sp_generate_database_ledger_digest](/sql/relational-databases/system-stored-procedures/sys-sp-generate-database-ledger-digest-transact-sql) stored procedure in either [SQL Server Management Studio](/sql/ssms/download-sql-server-management-studio-ssms) or [Azure Data Studio](/sql/azure-data-studio/download-azure-data-studio). + +> [!IMPORTANT] +> Generating database digests requires the **GENERATE LEDGER DIGEST** permission. For details on permissions related to ledger tables, see [Permissions](/sql/relational-databases/security/permissions-database-engine#asdbpermissions). + +```sql +EXECUTE sp_generate_database_ledger_digest +``` + +The result set returned will be a single row of data, which should be saved to the trusted storage location as a JSON document as follows: + +```json + { + "database_name": "ledgerdb", + "block_id": 0, + "hash": "0xDC160697D823C51377F97020796486A59047EBDBF77C3E8F94EEE0FFF7B38A6A", + "last_transaction_commit_time": "2020-11-12T18:01:56.6200000", + "digest_time": "2020-11-12T18:39:27.7385724" + } +``` + +## Database verification + +The verification process scans all ledger and history tables and recomputes the SHA-256 hashes of their rows and compares them against the database digest files passed to the verification stored procedure. For large ledger tables, database verification can be a resource-intensive process, and should be executed only when users need to verify the integrity of their database. It can be executed hourly or daily for cases where the integrity of the database needs to be frequently monitored, or only when the organization hosting the data goes through an audit and needs to provide cryptographic evidence regarding the integrity of their data. To reduce the cost of verification, ledger exposes options to verify individual ledger tables, or only a subset of the ledger. + +Database verification is accomplished through two stored procedures, depending on whether [automatic digest storage](#database-verification-using-automatic-digest-storage) is used, or whether [digests are manually managed](#database-verification-using-manual-digest-storage) by the user. + +> [!IMPORTANT] +> Database verification requires the **VIEW LEDGER CONTENT** permission. For details on permissions related to ledger tables, see [Permissions](/sql/relational-databases/security/permissions-database-engine#asdbpermissions). + +### Database verification using automatic digest storage + +When using automatic digest storage for generating and storing database digests, the location of the digest storage is in the system catalog view [sys.database_ledger_digest_locations](/sql/relational-databases/system-catalog-views/sys-database-ledger-digest-locations-transact-sql) as JSON objects. Running database verification consists of executing the [sp_verify_database_ledger_from_digest_storage](/sql/relational-databases/system-stored-procedures/sys-sp-verify-database-ledger-from-digest-storage-transact-sql) system stored procedure, specifying the JSON objects from the [sys.database_ledger_digest_locations](/sql/relational-databases/system-catalog-views/sys-database-ledger-digest-locations-transact-sql) system catalog view where database digests are configured to be stored. + +Using automatic digest storage allows you to change storage locations throughout the lifecycle of the ledger tables. For example, if you start by using Azure Immutable Blob storage to store your digest files, but later you want to use Azure Confidential Ledger instead, you are able to do so. This change in location is stored in [sys.database_ledger_digest_locations](/sql/relational-databases/system-catalog-views/sys-database-ledger-digest-locations-transact-sql). To simplify running verification when multiple digest storage locations have been used, the following script will fetch the locations of the digests and execute verification using those locations. + +```sql +DECLARE @digest_locations NVARCHAR(MAX) = (SELECT * FROM sys.database_ledger_digest_locations FOR JSON AUTO, INCLUDE_NULL_VALUES); +SELECT @digest_locations as digest_locations; +BEGIN TRY + EXEC sys.sp_verify_database_ledger_from_digest_storage @digest_locations; + SELECT 'Ledger verification succeeded.' AS Result; +END TRY +BEGIN CATCH + THROW; +END CATCH +``` + +### Database verification using manual digest storage + +When using manual digest storage for generating and storing database digests, the following stored procedure is used to verify the ledger, appending the JSON content of the digest in the stored procedure. When running database verification, you can choose to verify all tables in the database, or specific tables. Below is the syntax for the [sp_verify_database_ledger](/sql/relational-databases/system-stored-procedures/sys-sp-verify-database-ledger-transact-sql) stored procedure: + +```sql +sp_verify_database_ledger , +``` + +Below is an example of running the [sp_verify_database_ledger](/sql/relational-databases/system-stored-procedures/sys-sp-verify-database-ledger-transact-sql) stored procedure by passing two digests for verification: + +```sql +EXECUTE sp_verify_database_ledger N' +[ + { + "database_name": "ledgerdb", + "block_id": 0, + "hash": "0xDC160697D823C51377F97020796486A59047EBDBF77C3E8F94EEE0FFF7B38A6A", + "last_transaction_commit_time": "2020-11-12T18:01:56.6200000", + "digest_time": "2020-11-12T18:39:27.7385724" + }, + { + "database_name": "ledgerdb", + "block_id": 1, + "hash": "0xE5BE97FDFFA4A16ADF7301C8B2BEBC4BAE5895CD76785D699B815ED2653D9EF8", + "last_transaction_commit_time": "2020-11-12T18:39:35.6633333", + "digest_time": "2020-11-12T18:43:30.4701575" + } +] +``` + +Return codes for `sp_verify_database_ledger` and `sp_verify_database_ledger_from_digest_storage` are `0` (**success**) or `1` (**failure**). + +## Next steps + +- [Azure SQL Database ledger overview](ledger-overview.md) +- [Updatable ledger tables](ledger-updatable-ledger-tables.md) +- [Append-only ledger tables](ledger-append-only-ledger-tables.md) +- [Database ledger](ledger-database-ledger.md) diff --git a/azure-sql/database/ledger-how-to-access-acl-digest.md b/azure-sql/database/ledger-how-to-access-acl-digest.md new file mode 100644 index 00000000000..aa37e4c250d --- /dev/null +++ b/azure-sql/database/ledger-how-to-access-acl-digest.md @@ -0,0 +1,137 @@ +--- +title: "How to access the digests stored in Azure Confidential Ledger (ACL)" +description: How to access the digests stored in Azure Confidential Ledger (ACL) with Azure SQL Database ledger +ms.custom: "" +ms.date: "05/25/2021" +ms.service: sql-database +ms.subservice: security +ms.reviewer: vanto +ms.topic: how-to +author: JasonMAnderson +ms.author: janders +--- + +# How to access the digests stored in ACL + +[!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] + +> [!NOTE] +> Azure SQL Database ledger is currently in **public preview**. + +This article shows you how to access an [Azure SQL Database ledger](ledger-overview.md) digest stored in [Azure Confidential Ledger (ACL)](/azure/confidential-ledger/) to get end-to-end security and integrity guarantees. Through this article, we'll explain how to access and verify integrity of the stored information. + +## Prerequisites + +- Python 2.7, 3.5.3, or later +- Have an existing Azure SQL Database with ledger enabled. See [Quickstart: Create an Azure SQL Database with ledger enabled](ledger-create-a-single-database-with-ledger-enabled.md) if you haven't already created an Azure SQL Database. +- [Azure Confidential Ledger client library for Python](https://github.com/Azure/azure-sdk-for-python/blob/b42651ae4791aca8c9fbe282832b81badf798aa9/sdk/confidentialledger/azure-confidentialledger/README.md#create-a-client) +- A running instance of [Azure Confidential Ledger](/azure/confidential-ledger/). + +## How does the integration work? + +Azure SQL server calculates the digests of the [ledger database(s)](ledger-overview.md#ledger-database) periodically and stores them in Azure Confidential Ledger. At any time, a user can validate the integrity of the data by downloading the digests from Azure Confidential Ledger and comparing them to the digests stored in Azure SQL Database ledger. The following steps will explain it. + +## Step 1 - Find the Digest location + +> [!NOTE] +> The query will return more than one row if multiple Azure Confidential Ledger instances were used to store the digest. For each row, repeat steps 2 through 6 to download the digests from all instances of Azure Confidential Ledger. + +Using the [SQL Server Management Studio (SSMS)](/sql/ssms/download-sql-server-management-studio-ssms), run the following query. The output shows the endpoint of the Azure Confidential Ledger instance where the digests are stored. + +```sql +SELECT * FROM sys.database_ledger_digest_locations WHERE path like '%.confidential-ledger.azure.com% +``` + +## Step 2 - Determine the Subledgerid + +We're interested in the value in the path column from the query output. It consists of two parts, namely the `host name` and the `subledgerid`. As an example, in the Url `https://contoso-ledger.confidential-ledger.azure.com/sqldbledgerdigests/ledgersvr2/ledgerdb/2021-04-13T21:20:51.0000000`, the `host name` is `https://contoso-ledger.confidential-ledger.azure.com` and the `subledgerid` is `sqldbledgerdigests/ledgersvr2/ledgerdb/2021-04-13T21:20:51.0000000`. We'll use it in Step 4 to download the digests. + +## Step 3 - Obtain an Azure AD token + +The Azure Confidential Ledger API accepts an Azure Active Directory (Azure AD) Bearer token as the caller identity. This identity needs access to ACL via Azure Resource Manager during provisioning. The user who had enabled ledger in SQL Database is automatically given administrator access to Azure Confidential Ledger. To obtain a token, the user needs to authenticate using [Azure CLI](/cli/azure/install-azure-cli) with the same account that was used with Azure portal. Once the user has authenticated, they can use [DefaultAzureCredentials()](/dotnet/api/azure.identity.defaultazurecredential) to retrieve a bearer token and call Azure Confidential Ledger API. + +Log in to Azure AD using the identity with access to ACL. + +```azure-cli +az login +``` + +Retrieve the Bearer token. + +```python +from azure.identity import DefaultAzureCredential +credential = DefaultAzureCredential() +``` + +## Step 4 - Download the digests from Azure Confidential Ledger + +The following Python script downloads the digests from Azure Confidential Ledger. The script uses the [Azure Confidential Ledger client library for Python.](https://github.com/Azure/azure-sdk-for-python/blob/b42651ae4791aca8c9fbe282832b81badf798aa9/sdk/confidentialledger/azure-confidentialledger/README.md#create-a-client) + +```python +from azure.identity import DefaultAzureCredential +from azure.confidentialledger import ConfidentialLedgerClient +from azure.confidentialledger.identity_service import ConfidentialLedgerIdentityServiceClient + +ledger_id = "contoso-ledger" +identity_server_url = "https://identity.confidential-ledger.core.azure.com" +sub_ledger_id = "sqldbledgerdigests/ledgersvr2/ledgerdb/2021-04-13T21:20:51.0000000" +ledger_host_url = f"https://{ledger_id}.confidential-ledger.azure.com" +initial_path = f"/app/transactions?api-version=0.1-preview&subLedgerId={sub_ledger_id}" + +identity_client = ConfidentialLedgerIdentityServiceClient(identity_server_url) +network_identity = identity_client.get_ledger_identity( + ledger_id=ledger_id +) + +ledger_tls_cert_file_name = f"{ledger_id}_certificate.pem" +with open(ledger_tls_cert_file_name, "w") as cert_file: + cert_file.write(network_identity.ledger_tls_certificate) + +credential = DefaultAzureCredential() +ledger_client = ConfidentialLedgerClient( + endpoint=ledger_host_url, + credential=credential, + ledger_certificate_path=ledger_tls_cert_file_name +) + +ranged_result = ledger_client.get_ledger_entries( + sub_ledger_id=sub_ledger_id +) + +entries = 0 + +for entry in ranged_result: + entries += 1 + print(f"\nTransaction id {entry.transaction_id} contents: {entry.contents}") + +if entries == 0: + print("\n***No digests are found for the supplied SubledgerID.") +else: + print("\n***No more digests were found for the supplied SubledgerID.") +``` + +## Step 5 - Download the Digests from the SQL Server + +> [!NOTE] +> This is a way to confirm that the hashes stored in the Azure SQL Database ledger have not changed over time. For complete audit of the integrity of the Azure SQL Database ledger, see [How to verify a ledger table to detect tampering](ledger-verify-database.md). + +Using [SSMS](/sql/ssms/download-sql-server-management-studio-ssms), run the following query. The query returns the digests of the blocks from Genesis. + +```sql +SELECT * FROM sys.database_ledger_blocks +``` + +## Step 6 - Comparison + +Compare the digest retrieved from the Azure Confidential Ledger to the digest returned from your SQL database using the `block_id` as the key. For example, the digest of `block_id` = `1` is the value of the `previous_block_hash` column in the `block_id`= `2` row. Similarly, for `block_id` = `3`, it's the value of the `previous_block_id` column in the `block_id` = `4` row. A mismatch in the hash value is an indicator of a potential data tampering. + +If data tampering is suspected, see [How to verify a ledger table to detect tampering](ledger-verify-database.md) to perform a full audit of the Azure SQL Database ledger. + +## Next steps + +- [Azure SQL Database ledger Overview](ledger-overview.md) +- [Database ledger](ledger-database-ledger.md) +- [Digest management and database verification](ledger-digest-management-and-database-verification.md) +- [Append-only ledger tables](ledger-append-only-ledger-tables.md) +- [Updatable ledger tables](ledger-updatable-ledger-tables.md) +- [How to verify a ledger table to detect tampering](ledger-verify-database.md) \ No newline at end of file diff --git a/azure-sql/database/ledger-how-to-append-only-ledger-tables.md b/azure-sql/database/ledger-how-to-append-only-ledger-tables.md new file mode 100644 index 00000000000..65543d3c068 --- /dev/null +++ b/azure-sql/database/ledger-how-to-append-only-ledger-tables.md @@ -0,0 +1,96 @@ +--- +title: "Create and use append-only ledger tables" +description: How to create and use append-only ledger tables in Azure SQL Database +ms.custom: "" +ms.date: "05/25/2021" +ms.service: sql-database +ms.subservice: security +ms.reviewer: vanto +ms.topic: how-to +author: JasonMAnderson +ms.author: janders +--- + +# Create and use append-only ledger tables + +[!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] + +> [!NOTE] +> Azure SQL Database ledger is currently in **public preview**. + +This article shows you how to create an [append-only ledger table](ledger-append-only-ledger-tables.md) in Azure SQL Database, insert values into your append-only ledger table, attempt to make updates to the data, and view the results using the ledger view. We'll use an example of a card key access system of a facility, which is an append-only system pattern. Our example will give you a practical look at the relationship between the append-only ledger table and its corresponding ledger view. + +For more information, see [Append-only ledger tables](ledger-append-only-ledger-tables.md). + +## Prerequisite + +- Have an existing Azure SQL Database with ledger enabled. See [Quickstart: Create an Azure SQL Database with ledger enabled](ledger-create-a-single-database-with-ledger-enabled.md) if you haven't already created an Azure SQL Database. +- [SQL Server Management Studio (SSMS)](/sql/ssms/download-sql-server-management-studio-ssms) or [Azure Data Studio](/sql/azure-data-studio/download-azure-data-studio) + +## Creating an append-only ledger table + +We'll create a `KeyCardEvents` table with the following schema. + +| Column name | Data type | Description | +|--|--|--| +| EmployeeID | int | The unique ID of the employee accessing the building. | +| AccessOperationDescription | nvarchar (MAX) | The access operation of the employee. | +| Timestamp | datetime2 | The date and time the employee accessed the building | + +> [!IMPORTANT] +> Creating append-only ledger tables requires the **ENABLE LEDGER** permission. For details on permissions related to ledger tables, see [Permissions](/sql/relational-databases/security/permissions-database-engine#asdbpermissions). + +1. Using either [SQL Server Management Studio (SSMS)](/sql/ssms/download-sql-server-management-studio-ssms) or [Azure Data Studio](/sql/azure-data-studio/download-azure-data-studio), create a new schema and table called `[AccessControl].[KeyCardEvents]`. + + ```sql + CREATE SCHEMA [AccessControl] + CREATE TABLE [AccessControl].[KeyCardEvents] + ( + [EmployeeID] INT NOT NULL, + [AccessOperationDescription] NVARCHAR (MAX) NOT NULL, + [Timestamp] Datetime2 NOT NULL + ) + WITH ( + LEDGER = ON ( + APPEND_ONLY = ON + ) + ); + ``` + +1. Add a new building access event into the `[AccessControl].[KeyCardEvents]` table with the following values. + + ```sql + INSERT INTO [AccessControl].[KeyCardEvents] + VALUES ('43869', 'Building42', '2020-05-02T19:58:47.1234567') + ``` + +1. View the contents of your KeyCardEvents table, specifying the [GENERATED ALWAYS](/sql/t-sql/statements/create-table-transact-sql#generate-always-columns) columns that are added to your [append-only ledger table](ledger-append-only-ledger-tables.md). + + ```sql + SELECT * + ,[ledger_start_transaction_id] + ,[ledger_start_sequence_number] + FROM [AccessControl].[KeyCardEvents] + ``` + + :::image type="content" source="media/ledger/append-only-how-to-keycardevent-table.png" alt-text="Results from querying KeyCardEvents table"::: + +1. Try to update the `KeyCardEvents` table by changing the `EmployeeID` from `43869` to `34184.` + + ```sql + UPDATE [AccessControl].[KeyCardEvents] SET [EmployeeID] = 34184 + ``` + + You'll receive and error message stating the updates aren't allowed for your append-only ledger table. + + :::image type="content" source="media/ledger/append-only-how-to-1.png" alt-text="append only error message"::: + +## Next steps + +- [Database ledger](ledger-database-ledger.md) +- [Digest management and database verification](ledger-digest-management-and-database-verification.md) +- [Append-only ledger tables](ledger-append-only-ledger-tables.md) +- [Updatable ledger tables](ledger-updatable-ledger-tables.md) +- [Create and use updatable ledger tables](ledger-how-to-updatable-ledger-tables.md) +- [How to access the digests stored in Azure Confidential Ledger (ACL)](ledger-how-to-access-acl-digest.md) +- [How to verify a ledger table to detect tampering](ledger-verify-database.md) diff --git a/azure-sql/database/ledger-how-to-updatable-ledger-tables.md b/azure-sql/database/ledger-how-to-updatable-ledger-tables.md new file mode 100644 index 00000000000..55a77bb8fe4 --- /dev/null +++ b/azure-sql/database/ledger-how-to-updatable-ledger-tables.md @@ -0,0 +1,185 @@ +--- +title: "Create and use updatable ledger tables" +description: How to create and use updatable ledger tables in Azure SQL Database +ms.custom: "" +ms.date: "05/25/2021" +ms.service: sql-database +ms.subservice: security +ms.reviewer: vanto +ms.topic: how-to +author: JasonMAnderson +ms.author: janders +--- + +# Create and use updatable ledger tables + +[!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] + +> [!NOTE] +> Azure SQL Database ledger is currently in **public preview**. + +This article shows you how to create an [updatable ledger table](ledger-updatable-ledger-tables.md) in Azure SQL Database, insert values into your updatable ledger table, make updates to the data, and view the results using the ledger view. We'll use an example of a banking application tracking a banking customers balance in their account. Our example will give you a practical look at the relationship between the updatable ledger table and its corresponding history table and ledger view. + +## Prerequisite + +- Have an existing Azure SQL Database with ledger enabled. See [Quickstart: Create an Azure SQL Database with ledger enabled](ledger-create-a-single-database-with-ledger-enabled.md) if you haven't already created an Azure SQL Database. +- [SQL Server Management Studio (SSMS)](/sql/ssms/download-sql-server-management-studio-ssms) or [Azure Data Studio](/sql/azure-data-studio/download-azure-data-studio) + +## Creating an updatable ledger table + +We'll create an account balance table with the following schema. + +| Column name | Data type | Description | +| ----------- | -------------- | ----------------------------------- | +| CustomerID | int | Customer ID - Primary key clustered | +| LastName | varchar (50) | Customer last name | +| FirstName | varchar (50) | Customer first name | +| Balance | decimal (10,2) | Account balance | + +> [!IMPORTANT] +> Creating updatable ledger tables requires the **ENABLE LEDGER** permission. For details on permissions related to ledger tables, see [Permissions](/sql/relational-databases/security/permissions-database-engine#asdbpermissions). + +1. Using either [SQL Server Management Studio (SSMS)](/sql/ssms/download-sql-server-management-studio-ssms) or [Azure Data Studio](/sql/azure-data-studio/download-azure-data-studio), create a new schema and table called `[Account].[Balance]`. + + ```sql + CREATE SCHEMA [Account] + GO + + CREATE TABLE [Account].[Balance] + ( + [CustomerID] INT NOT NULL PRIMARY KEY CLUSTERED, + [LastName] VARCHAR (50) NOT NULL, + [FirstName] VARCHAR (50) NOT NULL, + [Balance] DECIMAL (10,2) NOT NULL + ) + WITH + ( + SYSTEM_VERSIONING = ON, + LEDGER = ON + ); + GO + ``` + + > [!NOTE] + > Specifying the `LEDGER = ON` argument is optional if you enabled ledger database when you created your Azure SQL Database. + > + > In the above example, the system will generate the names of the [GENERATED ALWAYS](/sql/t-sql/statements/create-table-transact-sql#generate-always-columns) columns in the table, the name of the [ledger view](ledger-updatable-ledger-tables.md#ledger-view), and the names of the [ledger view columns](ledger-updatable-ledger-tables.md#ledger-view-schema). + > + > The ledger view column names can be customized when creating the table using the `` parameter with the [CREATE TABLE (Transact-SQL)](/sql/t-sql/statements/create-table-transact-sql?view=azuresqldb-current&preserve-view=true) statement. The `GENERATED ALWAYS` columns, as well as the [history table](ledger-updatable-ledger-tables.md#history-table) name can be customized. For more information, see [ledger view options](/sql/t-sql/statements/create-table-transact-sql?view=azuresqldb-current&preserve-view=true#ledger-view-options) and the corresponding examples in [CREATE TABLE (Transact-SQL)](/sql/t-sql/statements/create-table-transact-sql?view=azuresqldb-current&preserve-view=true##x-creating-a-updatable-ledger-table). + +1. When your [updatable ledger table](ledger-updatable-ledger-tables.md) is created, the corresponding history table and ledger view are also created. Execute the following T-SQL to see the new table and the new view. + + ```sql + SELECT + ts.[name] + '.' + t.[name] AS [ledger_table_name] + , hs.[name] + '.' + h.[name] AS [history_table_name] + , vs.[name] + '.' + v.[name] AS [ledger_view_name] + FROM sys.tables AS t + JOIN sys.tables AS h ON (h.[object_id] = t.[history_table_id]) + JOIN sys.views v ON (v.[object_id] = t.[ledger_view_id]) + JOIN sys.schemas ts ON (ts.[schema_id] = t.[schema_id]) + JOIN sys.schemas hs ON (hs.[schema_id] = h.[schema_id]) + JOIN sys.schemas vs ON (vs.[schema_id] = v.[schema_id]) + ``` + + :::image type="content" source="media/ledger/ledger-updatable-how-to-new-tables.png" alt-text="Query new ledger tables"::: + +1. Insert a customer, `Nick Jones` as a new customer with an opening balance of $50. + + ```sql + INSERT INTO [Account].[Balance] + VALUES (1, 'Jones', 'Nick', 50) + ``` + +1. Insert three new customers, `John Smith`, `Joe Smith`, and `Mary Michaels` as new customers with opening balances of $500, $30 and $200, respectively. + + ```sql + INSERT INTO [Account].[Balance] + VALUES (2, 'Smith', 'John', 500), + (3, 'Smith', 'Joe', 30), + (4, 'Michaels', 'Mary', 200) + ``` + +1. View the `[Account].[Balance]` updatable ledger table, specifying the [GENERATED ALWAYS](/sql/t-sql/statements/create-table-transact-sql#generate-always-columns) columns added to the table. + + ```sql + SELECT * + ,[ledger_start_transaction_id] + ,[ledger_end_transaction_id] + ,[ledger_start_sequence_number] + ,[ledger_end_sequence_number] + FROM [Account].[Balance] + ``` + + In the results window, you'll first see the values inserted by your T-SQL commands, along with the system metadata that is used for data lineage purposes. + + - `ledger_start_transaction_id` notes the unique transaction ID associated with the transaction that inserted the data. Since `John`, `Joe`, and `Mary` were inserted using the same transaction, they share the same transaction ID. + - `ledger_start_sequence_number` notes the order by which values were inserted by the transaction. + + :::image type="content" source="media/ledger/sql-updatable-how-to-1.png" alt-text="ledger table example 1"::: + +1. Update `Nick`'s balance from `50` to `100`. + + ```sql + UPDATE [Account].[Balance] SET [Balance] = 100 + WHERE [CustomerID] = 1 + ``` + +1. Copy the unique name of your history table. You'll need this for the next step. + + ```sql + SELECT + ts.[name] + '.' + t.[name] AS [ledger_table_name] + , hs.[name] + '.' + h.[name] AS [history_table_name] + , vs.[name] + '.' + v.[name] AS [ledger_view_name] + FROM sys.tables AS t + JOIN sys.tables AS h ON (h.[object_id] = t.[history_table_id]) + JOIN sys.views v ON (v.[object_id] = t.[ledger_view_id]) + JOIN sys.schemas ts ON (ts.[schema_id] = t.[schema_id]) + JOIN sys.schemas hs ON (hs.[schema_id] = h.[schema_id]) + JOIN sys.schemas vs ON (vs.[schema_id] = v.[schema_id]) + ``` + + :::image type="content" source="media/ledger/sql-updatable-how-to-2.png" alt-text="ledger table example 2"::: + +1. View the `[Account].[Balance]` updatable ledger table, along with its corresponding history table and ledger view. + + > [!IMPORTANT] + > Replace the `` with the name you copied in the previous step. + + ```sql + SELECT * + ,[ledger_start_transaction_id] + ,[ledger_end_transaction_id] + ,[ledger_start_sequence_number] + ,[ledger_end_sequence_number] + FROM [Account].[Balance] + GO + + SELECT * FROM + GO + + SELECT * FROM Account.Balance_Ledger + ORDER BY ledger_transaction_id + GO + ``` + + > [!TIP] + > We recommend that you query the history of changes through the [ledger view](ledger-updatable-ledger-tables.md#ledger-view), and not the [history table](ledger-updatable-ledger-tables.md#history-table). + +1. `Nick`'s account balance has been successfully updated in the updatable ledger table to `100`. +1. The history table now shows the previous balance of `50` for `Nick`. +1. The ledger view shows that updating the ledger table is a `DELETE` of the original row with `50`, as the balance with a corresponding `INSERT` of a new row with `100` with the new balance for `Nick`. + + :::image type="content" source="media/ledger/sql-updatable-how-to-3.png" alt-text="ledger table example 3"::: + + +## Next steps + +- [Database ledger](ledger-database-ledger.md) +- [Digest management and database verification](ledger-digest-management-and-database-verification.md) +- [Updatable ledger tables](ledger-updatable-ledger-tables.md) +- [Append-only ledger tables](ledger-append-only-ledger-tables.md) +- [Create and use append-only ledger tables](ledger-how-to-append-only-ledger-tables.md) +- [How to access the digests stored in Azure Confidential Ledger (ACL)](ledger-how-to-access-acl-digest.md) +- [How to verify a ledger table to detect tampering](ledger-verify-database.md) diff --git a/azure-sql/database/ledger-landing.yml b/azure-sql/database/ledger-landing.yml new file mode 100644 index 00000000000..7b9077f3c3e --- /dev/null +++ b/azure-sql/database/ledger-landing.yml @@ -0,0 +1,120 @@ +### YamlMime:Landing + +title: Azure SQL Database ledger documentation +summary: "Find documentation about Azure SQL Database ledger" + +metadata: + title: Azure SQL Database ledger documentation + description: "Find ledger documentation for Azure SQL Database" + ms.service: sql-database + ms.subservice: security + ms.tgt_pltfrm: na + ms.devlang: + ms.topic: landing-page + author: VanMSFT + ms.author: vanto + ms.reviewer: + ms.date: 05/25/2021 + +# linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new + +landingContent: +# Cards and links should be based on top customer tasks or top subjects +# Start card title with a verb + + # Card + - title: Azure SQL Database ledger overview + linkLists: + - linkListType: overview + links: + - text: What is Azure SQL Database ledger? + url: ledger-overview.md + + + # Card + - title: Ledger concepts + linkLists: + - linkListType: concept + links: + - text: What is the database ledger? + url: ledger-database-ledger.md + - text: Append-only ledger tables + url: ledger-append-only-ledger-tables.md + - text: Updatable ledger tables + url: ledger-updatable-ledger-tables.md + + + # Card + - title: Ledger quickstarts + linkLists: + - linkListType: quickstart + links: + - text: Create an Azure SQL Database with ledger enabled + url: ledger-create-a-single-database-with-ledger-enabled.md + + + # Card + - title: Using ledger + linkLists: + - linkListType: how-to-guide + links: + - text: Create append-only ledger tables + url: ledger-how-to-append-only-ledger-tables.md + - text: Create updatable ledger tables + url: ledger-how-to-updatable-ledger-tables.md + - text: How to access the digests stored in Azure Confidential Ledger (ACL) + url: ledger-how-to-access-acl-digest.md + - text: How to verify a ledger table to detect tampering + url: ledger-verify-database.md + + + # Card + - title: Ledger management, verification, and storage + linkLists: + - linkListType: concept + links: + - text: Digest management and database verification + url: ledger-digest-management-and-database-verification.md + - text: Ledger auditing + url: ledger-audit.md + + + # Card + - title: Ledger references + linkLists: + - linkListType: reference + links: + - text: Current ledger limitations + url: ledger-limits.md + - text: Azure SQL Database ledger whitepaper + url: https://aka.ms/sql-ledger-whitepaper + + + # Card + - title: Ledger System Catalog Views + linkLists: + - linkListType: reference + links: + - text: sys.database_ledger_blocks (Transact-SQL) + url: /sql/relational-databases/system-catalog-views/sys-database-ledger-blocks-transact-sql + - text: sys.database_ledger_transactions (Transact-SQL) + url: /sql/relational-databases/system-catalog-views/sys-database-ledger-transactions-transact-sql + - text: sys.database_ledger_digest_locations (Transact-SQL) + url: /sql/relational-databases/system-catalog-views/sys-database-ledger-digest-locations-transact-sql + - text: sys.ledger_table_history (Transact-SQL) + url: /sql/relational-databases/system-catalog-views/sys-ledger-table-history-transact-sql + - text: sys.ledger_column_history (Transact-SQL) + url: /sql/relational-databases/system-catalog-views/sys-ledger-column-history-transact-sql + + + # Card + - title: Ledger Store Procedures + linkLists: + - linkListType: reference + links: + - text: sys.sp_generate_database_ledger_digest (Transact-SQL) + url: /sql/relational-databases/system-stored-procedures/sys-sp-generate-database-ledger-digest-transact-sql + - text: sys.sp_verify_database_ledger (Transact-SQL) + url: /sql/relational-databases/system-stored-procedures/sys-sp-verify-database-ledger-transact-sql + - text: sys.sp_verify_database_ledger_from_digest_storage (Transact-SQL) + url: /sql/relational-databases/system-stored-procedures/sys-sp-verify-database-ledger-from-digest-storage-transact-sql diff --git a/azure-sql/database/ledger-limits.md b/azure-sql/database/ledger-limits.md new file mode 100644 index 00000000000..68671333be5 --- /dev/null +++ b/azure-sql/database/ledger-limits.md @@ -0,0 +1,66 @@ +--- +title: "Limitations for Azure SQL Database ledger" +description: Limitations of the ledger feature in Azure SQL Database +ms.custom: "" +ms.date: "05/25/2021" +ms.service: sql-database +ms.subservice: security +ms.reviewer: vanto +ms.topic: conceptual +author: JasonMAnderson +ms.author: janders +--- + +# Limitations for Azure SQL Database ledger + +[!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] + +> [!NOTE] +> Azure SQL Database ledger is currently in **public preview**. + +This article provides an overview of the limitations when using ledger tables with Azure SQL Database. + +## Limitations + +| Function | Limitation | +| :--- | :--- | +| Disabling [ledger database](ledger-database-ledger.md) | Once enabled, ledger database cannot be disabled. | +| Maximum # of columns | When created, [updatable ledger tables](ledger-updatable-ledger-tables.md) adds four [GENERATED ALWAYS](/sql/t-sql/statements/create-table-transact-sql#generate-always-columns) columns to the ledger table and [append-only ledger tables](ledger-append-only-ledger-tables.md) add two columns to the ledger table. These new columns count against the maximum supported number of columns in Azure SQL Database (1024). | +| Restricted data types | XML, SqlVariant, User-defined type, and FILESTREAM data types aren't supported. | +| In-memory tables | In-memory tables aren't supported. | +| Sparse column sets | Sparse column sets aren't supported. | +| Ledger truncation | Deleting older data in [append-only ledger tables](ledger-append-only-ledger-tables.md), or the history table of [updatable ledger tables](ledger-updatable-ledger-tables.md) aren't supported. | +| Converting existing tables to ledger tables | Existing tables in a database that aren't ledger-enabled cannot be converted over to ledger tables. | +|LRS support for [automated digest management](ledger-digest-management-and-database-verification.md) | Automated digest management with ledger tables using [Azure Storage immutable blobs](../../storage/blobs/storage-blob-immutable-storage.md) doesn't offer the ability for users to use [locally redundant storage (LRS)](../../storage/common/storage-redundancy.md#locally-redundant-storage) accounts.| + +## Remarks + +- When a ledger database is created, all new tables created by default (without specifying the `APPEND_ONLY = ON` clause) in the database will be [updatable ledger tables](ledger-updatable-ledger-tables.md). [Append-only ledger tables](ledger-append-only-ledger-tables.md) can be created using [CREATE TABLE (Transact-SQL)](/sql/t-sql/statements/create-table-transact-sql) statements. +- Ledger tables can't be a FILETABLE. +- Ledger tables can't have full-text indexes. +- Ledger tables can't be renamed. +- Ledger tables can't be moved to a different schema. +- Only nullable columns can be added to ledger tables, and when they aren't specified WITH VALUES. +- Columns in ledger tables cannot be dropped. +- Only deterministic-computed columns are allowed for ledger tables. +- Existing columns cannot be altered in a way that modifies the format for this column. + - We allow changing: + - Nullability + - Collation for nvarchar/ntext columns and when the code page isn't changing for char/text columns + - Change the length of variable length columns + - Sparseness +- SWITCH IN/OUT isn't allowed for ledger tables +- Long-term backups (LTR) aren't supported for databases that have `LEDGER = ON` +- `LEDGER` or `SYSTEM_VERSIONING` cannot be disabled for ledger tables. +- The `UPDATETEXT` and `WRITETEXT` APIs cannot be used on ledger tables. +- A transaction can update up to 200 ledger tables. +- For updatable ledger tables, we inherit all of the limitations of temporal tables. +- Change tracking isn't allowed on ledger tables. +- Ledger tables can't have a rowstore non-clustered index when they have a clustered Columnstore index. + +## Next steps + +- [Updatable ledger tables](ledger-updatable-ledger-tables.md) +- [Append-only ledger tables](ledger-append-only-ledger-tables.md) +- [Database ledger](ledger-database-ledger.md) +- [Digest management and database verification](ledger-digest-management-and-database-verification.md) diff --git a/azure-sql/database/ledger-overview.md b/azure-sql/database/ledger-overview.md new file mode 100644 index 00000000000..abc9e0c37ef --- /dev/null +++ b/azure-sql/database/ledger-overview.md @@ -0,0 +1,103 @@ +--- +title: "Azure SQL Database ledger overview" +description: Overview of Azure SQL Database ledger +ms.custom: "" +ms.date: "05/25/2021" +ms.service: sql-database +ms.subservice: security +ms.reviewer: vanto +ms.topic: conceptual +author: JasonMAnderson +ms.author: janders +--- + +# Azure SQL Database ledger + +[!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] + +> [!NOTE] +> Azure SQL Database ledger is currently in **public preview**. + +Establishing trust around the integrity of data stored in database systems has been a long-standing problem for all organizations that manage financial, medical, or other sensitive data. The ledger feature of [Azure SQL Database](sql-database-paas-overview.md) provides tamper-evidence capabilities in your database, enabling the ability to cryptographically attest to other parties, such as auditors or other business parties, that your data hasn't been tampered with. + +Ledger helps protect data from any attacker or high-privileged user, including Database Administrators (DBAs), and system and cloud administrators. Just like a traditional ledger, historical data is preserved such that if a row is updated in the database, its previous value is maintained and protected in a history table. The ledger provides a chronicle of all changes made to the database over time. The ledger and the historical data are managed transparently, offering protection without any application changes. Historical data is maintained in a relational form to support SQL queries for auditing, forensics, and other purposes. Ledger provides cryptographic data integrity guarantees while maintaining the power, flexibility, and performance of Azure SQL Database. + +:::image type="content" source="media/ledger/ledger-table-architecture.png" alt-text="ledger table architecture"::: + +## Use case for Azure SQL Database ledger + +### Streamlining audits + +Any production system's value is based on the ability to trust the data the system is consuming and producing. If the data in your database has been tampered with by a malicious user, it can have disastrous results in the business processes relying on that data. Maintaining trust in your data requires a combination of enabling the proper security controls to reduce potential attacks, backup and restore practices, and thorough disaster recovery procedures. Ensuring these practices are put in place are often audited by external parties. Audit processes are highly time-intensive activities. Auditing requires on-site inspection of implemented practices such as reviewing audit logs, inspecting authentication and access controls, just to name a few. While these manual processes can expose potential gaps in security, what they can't provide is attestable proof that the data hasn't been maliciously altered. Ledger provides the cryptographic proof of data integrity to auditors, which can help not only streamline the auditing process, but also provides non-repudiation regarding the integrity of the system's data. + +### Multi-party business processes + +Systems where multiple organizations have a business process that must share state with one another, such as supply-chain management systems, struggle with the challenge of how to share and trust data with one another. Many organizations are turning to traditional blockchains, such as Ethereum or Hyperledger Fabric to digitally transform their multi-party business processes. Blockchain is a great solution for multi-party networks where trust is low between parties that participate on the network. However, many of these networks are fundamentally centralized solutions where trust is important, but a fully decentralized infrastructure is a heavy-weight solution. Ledger provides a solution for these networks where participants can verify the data integrity of the centrally housed data, rather than having the complexity and performance implications that network consensus introduces in a blockchain network. + +### Trusted off-chain storage for blockchain + +Where a blockchain network is necessary for a multi-party business process, having the ability query the data on the blockchain without sacrificing performance is a challenge. Typical patterns for solving this problem involve replicating data from the blockchain to an off-chain store, such as a database. However, once the data is replicated to the database from the blockchain, the data integrity guarantees that a blockchain offer is lost. Ledger provides the data integrity needed for off-chain storage of blockchain networks, ensuring complete data trust through the entire system. + +## How it works + +Each transaction that is received by the database is cryptographically hashed (SHA-256). The hash function uses the value of the transaction (including hashes of the rows contained in the transaction), along with the hash of the previous transaction as input to the hash function. The function cryptographically links all transactions together, similar to a blockchain. Cryptographic hashes ([database digests](#database-digests)), which represent the state of the database, are periodically generated and stored outside of Azure SQL Database in a tamper-proof storage location. An example of a storage location would be [Azure Storage immutable blobs](../../storage/blobs/storage-blob-immutable-storage.md) or [Azure Confidential Ledger](/azure/confidential-ledger/). Database digests are then later used to verify the integrity of the database by comparing the value of the hash in the digest against the calculated hashes in database. + +Ledger functionality is introduced to tables in Azure SQL Database in two forms: + +- [**Updatable ledger tables**](ledger-updatable-ledger-tables.md), which allow you to update and delete rows in your tables. +- [**Append-only ledger tables**](ledger-append-only-ledger-tables.md), which only allow inserts to your tables. + +Both **updatable ledger tables** and **append-only ledger tables** provide tamper-evidence and digital forensics capabilities. Understanding which transactions submitted by which users that resulted in changes to the database are important if both remediating potential tampering events, or proving to third parties that transactions submitted to the system were by authorized users. The ledger feature enables users, their partners, or auditors to analyze all historical operations and detect potential tampering. Each row operation is accompanied by the ID of the transaction that performed it, allowing users to retrieve more information about the time the transaction was executed, the identity of the user who executed it, and correlate it to other operations performed by this transaction. + +There are some limitations of ledger tables that you should be aware of. For details on limitations with ledger tables, see [Limitations for Azure SQL Database ledger](ledger-limits.md). + +### Ledger database + +A ledger database is a database, in which all user data is tamper evident and stored in ledger tables. A ledger database can only contain ledger tables, and each table is by default created as an updatable ledger table. Ledger databases provide an easy-to-use solution for applications that require the integrity of all data to be protected. + +### Updatable ledger tables + +[Updatable ledger tables](ledger-updatable-ledger-tables.md) are ideal for application patterns that expect to issue updates and deletes to tables in your database, such as System of Record (SOR) applications. This means that existing data patterns for your application don't need to change to enable ledger functionality. + +[Updatable ledger tables](ledger-updatable-ledger-tables.md) track the history of changes to any rows in your database when transactions that perform updates or deletes occur. An updatable ledger table is a system-versioned table that contains a reference to another table with a mirrored schema. The system uses this table to automatically store the previous version of the row each time a row in the ledger table gets updated or deleted. This other table is referred to as the history table. The history table is automatically created when you create an updatable ledger table. The values contained in the updatable ledger table and its corresponding history table provide a chronicle of the values of your database over time. In order to easily query this chronicle of your database, a system-generated ledger view is created, which joins the updatable ledger table and the history table. + +For more information on how to create and use updatable ledger tables, see [Create and use updatable ledger tables](ledger-how-to-updatable-ledger-tables.md). + +### Append-only ledger tables + +[Append-only ledger tables](ledger-append-only-ledger-tables.md) are ideal for application patterns that are insert-only, such as Security Information and Event Management (SEIM) applications. Append-only ledger tables block updates and deletes at the Application Programming Interface (API) level, providing further tampering protection from privileged users such as systems administrators and DBAs. Since only inserts are allowed into the system, append-only ledger tables don't have a corresponding history table as there's no history to capture. Like updatable ledger tables, a ledger view is created providing insights into the transaction that inserted rows into the append-only table, and the user that performed the insert. + +For more information on how to create and use append-only ledger tables, see [Create and use append-only ledger tables](ledger-how-to-append-only-ledger-tables.md). + +### Database ledger + +The database ledger consists of system tables that store the cryptographic hashes of transactions processed in the system. Since transactions are the unit of [atomicity](/windows/win32/cossdk/acid-properties) for the database engine, this is the unit of work being captured in the database ledger. Specifically, when a transaction commits, the SHA-256 hash of any rows modified by the transaction in the ledger table, together with some metadata for the transaction, such as the identity of the user that executed it and its commit timestamp, is appended as a *transaction entry* in the database ledger. Every 30 seconds, the transactions processed by the database are SHA-256 hashed together using a Merkle tree data structure, producing a root hash. This forms a block, which is then SHA-256 hashed using the root hash of the block along with the root hash of the previous block as input to the hash function, forming a blockchain. + +For more information on the database ledger, see [Database ledger](ledger-database-ledger.md). + +### Database digests + +The hash of the latest block in the database ledger is known as the database digest and represents the state of all ledger tables in the database at the time the block was generated. When a block is formed, its associated database digest is then published and stored outside of Azure SQL Database in a tamper-proof storage. Since database digests represent the state of the database at the point in time they were generated, protecting the digests from tampering is paramount. An attacker that has access to modify the digests would be able to tamper with the data in the database, generate the hashes representing the database with the tampered changes, and then modify the digests to represent the updated hash of the transactions in the block. Ledger provides the ability to automatically generate, and store the database digests in [Azure Storage immutable blobs](../../storage/blobs/storage-blob-immutable-storage.md), or [Azure Confidential Ledger](/azure/confidential-ledger/) to prevent tampering. Alternatively, users can manually generate database digests, storing them in the location of their choice. Database digests are used for later verifying that the data stored in ledger tables has not been tampered. + +For more information on the database digests, see [Digest management and database verification](ledger-digest-management-and-database-verification.md). + +### Ledger verification + +The ledger feature doesn't allow users to modify the content of the ledger. However, an attacker or system administrator who has control of the machine can bypass all system checks and directly tamper with the data. For example, an attacker or system administrator can edit the database files in storage. Ledger can't prevent such attacks but guarantees that any tampering will be detected when the ledger data is verified. The ledger verification process takes as input one or more previously generated database digests and recomputes the hashes stored in the database ledger based on the current state of the ledger tables. If the computed hashes don't match the input digests, the verification fails, indicating that the data has been tampered with, and reports all inconsistencies detected. + +Since the ledger verification recomputes all of the hashes for transactions in the database, it can be a resource-intensive process for databases with large amounts of data. Running the ledger verification should be done only when users need to verify the integrity of their database rather than in a continuous manner. Ideally, ledger verification should be run only when the organization hosting the data goes through an audit and needs to provide cryptographic evidence regarding the integrity of their data to another party. To reduce the cost of verification, ledger exposes options to verify individual ledger tables, or only a subset of the ledger. + +For more information on ledger verification, see [Digest management and database verification](ledger-digest-management-and-database-verification.md). + +## Next steps + +- [Quickstart: Create an Azure SQL Database with ledger enabled](ledger-create-a-single-database-with-ledger-enabled.md) +- [Updatable ledger tables](ledger-updatable-ledger-tables.md) +- [Append-only ledger tables](ledger-append-only-ledger-tables.md) +- [Database ledger](ledger-database-ledger.md) +- [Digest management and database verification](ledger-digest-management-and-database-verification.md) +- [Limitations for Azure SQL Database ledger](ledger-limits.md) +- [Create and use updatable ledger tables](ledger-how-to-updatable-ledger-tables.md) +- [Create and use append-only ledger tables](ledger-how-to-append-only-ledger-tables.md) +- [How to access the digests stored in Azure Confidential Ledger (ACL)](ledger-how-to-access-acl-digest.md) +- [How to verify a ledger table to detect tampering](ledger-verify-database.md) diff --git a/azure-sql/database/ledger-updatable-ledger-tables.md b/azure-sql/database/ledger-updatable-ledger-tables.md new file mode 100644 index 00000000000..f1d368b4d97 --- /dev/null +++ b/azure-sql/database/ledger-updatable-ledger-tables.md @@ -0,0 +1,85 @@ +--- +title: "Azure SQL Database updatable ledger tables" +description: This article provides information on updatable ledger tables, ledger schema, and ledger views in Azure SQL Database +ms.custom: "" +ms.date: "05/25/2021" +ms.service: sql-database +ms.subservice: security +ms.reviewer: vanto +ms.topic: conceptual +author: JasonMAnderson +ms.author: janders +--- + +# Azure SQL Database updatable ledger tables + +[!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] + +> [!NOTE] +> Azure SQL Database ledger is currently in **public preview**. + +Updatable ledger tables are system-versioned tables that users can perform updates and deletes on while also providing tamper-evidence capabilities. When updates or deletes occur, all earlier versions of a row are preserved in a secondary table, known as the history table. The history table mirrors the schema of the updatable ledger table. When a row is updated, the latest version of the row remains in the ledger table, while its earlier version is inserted into the history table by the system, transparently to the application. + +:::image type="content" source="media/ledger/ledger-table-architecture.png" alt-text="ledger table architecture"::: + +## Updatable ledger tables vs. temporal tables + +Both updatable ledger tables and [temporal tables](/sql/relational-databases/tables/temporal-tables) are system-versioned tables, for which the Database Engine captures historical row versions in secondary history tables. Either technology provides unique benefits. Updatable ledger tables make both the current and historical data tamper-evident. Temporal tables support querying the data stored at any point in time rather than only the data that is correct at the current moment in time. + +You can use both technologies together by creating tables that are both updatable ledger tables and temporal tables. +Creating an updatable ledger table can be accomplished two ways: + +- When creating a new database in the Azure portal by selecting **Enable ledger on all future tables in this database** during ledger configuration, or through specifying the `LEDGER = ON` argument in your [CREATE DATABASE (Transact-SQL)](/sql/t-sql/statements/create-database-transact-sql) statement. This creates a ledger database, ensuring all future tables created in your database are updatable ledger tables by default. +- When creating a new table on a database where ledger isn't enabled at the database-level, by specifying the `LEDGER = ON` argument in your [CREATE TABLE (Transact-SQL)](/sql/t-sql/statements/create-table-transact-sql) statement. + +For details on options available when specifying the `LEDGER` argument in your T-SQL statement, see [CREATE TABLE (Transact-SQL)](/sql/t-sql/statements/create-table-transact-sql). + +> [!IMPORTANT] +> Once created, a ledger table cannot be converted to a table that is not a ledger table. This is to ensure an attacker cannot temporarily remove ledger capabilities on a ledger table, make changes, and then re-enable ledger functionality. + +### Updatable ledger table schema + +An updatable ledger table needs to have the following [GENERATED ALWAYS](/sql/t-sql/statements/create-table-transact-sql#generate-always-columns) columns that contain metadata noting which transactions made changes to the table and the order of operations by which rows were updated by the transaction. This data is useful for forensics purposes in understanding how data was inserted over time. + +> [!NOTE] +> If you do not specify the required `GENERATED ALWAYS` columns of the ledger table and ledger history table in the [CREATE TABLE (Transact-SQL)](/sql/t-sql/statements/create-table-transact-sql?view=azuresqldb-current&preserve-view=true) statement, the system will automatically add the columns, and it will use the below default names. For more information, see our examples of [Creating a updatable ledger table](/sql/t-sql/statements/create-table-transact-sql?view=azuresqldb-current&preserve-view=true#x-creating-a-updatable-ledger-table). + +| Default column name | Data type | Description | +| --- | --- | --- | +| ledger_start_transaction_id | bigint | The ID of the transaction that created a row version. | +| ledger_end_transaction_id | bigint | The ID of the transaction that deleted a row version. | +| ledger_start_sequence_number | bigint | The sequence number of an operation within a transaction that created a row version. | +| ledger_end_sequence_number | bigint | The sequence number of an operation within a transaction that deleted a row version. | + +## History table + +The history table is automatically created when an updatable ledger table is created. The history table captures the historical values of rows changed because of updates and deletes in the updatable ledger table. The schema of the history table mirrors that of the updatable ledger table it's associated with. + +When creating an updatable ledger table, you can either specify the name of the schema to contain your history table and the name of the history table, or you have the system generate the name of the history table and add it to the same schema as the ledger table. History tables with system-generated names are called anonymous history tables. The naming convention for an anonymous history table is ``.``.MSSQL_LedgerHistoryFor_``. + +## Ledger view + +For every updatable ledger table, the system automatically generates a view, called the ledger view. The ledger view is a join of the updatable ledger table and its associated history table. The ledger view reports all row modifications that have occurred on the updatable ledger table by joining the historical data in the history table. This enables users, their partners, or auditors to analyze all historical operations and detect potential tampering. Each row operation is accompanied by the ID of the acting transaction, along with whether the operation was a `DELETE` or an `INSERT`. Users can retrieve more information about the time the transaction was executed, the identity of the user who executed it, and correlate it to other operations performed by this transaction. + +For example, if you wanted to track transaction history for a simple banking scenario, the ledger view is incredibly helpful to provide a chronicle of the transactions over time, rather than having to independently view the updatable ledger table and history tables, or constructing your own view to do so. + +For an example on using the ledger view, see [Create and use updatable ledger tables](ledger-how-to-updatable-ledger-tables.md). + +The ledger view's schema mirrors the columns defined in the updatable ledger and history table, but the [GENERATED ALWAYS](/sql/t-sql/statements/create-table-transact-sql#generate-always-columns) columns are different than those of the updatable ledger and history tables. + +### Ledger view schema + +> [!NOTE] +> The ledger view column names can be customized when creating the table using the `` parameter with the [CREATE TABLE (Transact-SQL)](/sql/t-sql/statements/create-table-transact-sql?view=azuresqldb-current&preserve-view=true) statement. For more information, see [ledger view options](/sql/t-sql/statements/create-table-transact-sql?view=azuresqldb-current&preserve-view=true#ledger-view-options) and the corresponding examples in [CREATE TABLE (Transact-SQL)](/sql/t-sql/statements/create-table-transact-sql?view=azuresqldb-current&preserve-view=true). + +| Default column name | Data type | Description | +| --- | --- | --- | +| ledger_transaction_id | bigint | The ID of the transaction that created or deleted a row version. | +| ledger_sequence_number | bigint | The sequence number of a row-level operation within the transaction on the table. | +| ledger_operation_type_id | tinyint | Contains `0` (**INSERT**) or `1` (**DELETE**). Inserting a row into the ledger table produces a new row in the ledger view containing `0` in this column. Deleting a row from the ledger table produces a new row in the ledger view containing `1` in this column. Updating a row in the ledger table produces two new rows in the ledger view. One row contains `1` (**DELETE**) and the other row contains `1` (**INSERT**) in this column. | +| ledger_operation_type_desc | nvarchar(128) | Contains `INSERT` or `DELETE`. See above for details. | + +## Next steps + +- [Create and use updatable ledger tables](ledger-how-to-updatable-ledger-tables.md) +- [Create and use append-only ledger tables](ledger-how-to-append-only-ledger-tables.md) diff --git a/azure-sql/database/ledger-verify-database.md b/azure-sql/database/ledger-verify-database.md new file mode 100644 index 00000000000..b15a63b3754 --- /dev/null +++ b/azure-sql/database/ledger-verify-database.md @@ -0,0 +1,126 @@ +--- +title: How to verify a ledger table to detect tampering +description: This article discusses how to verify if an Azure SQL Database table has been tampered with +ms.service: sql-database +ms.subservice: security +ms.devlang: +ms.topic: how-to +author: JasonMAnderson +ms.author: janders +ms.reviewer: vanto +ms.date: 05/25/2021 +--- + +# How to verify a ledger table to detect tampering + +[!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] + +> [!NOTE] +> Azure SQL Database ledger is currently in **public preview**. + +In this article, you'll verify the integrity of the data in your Azure SQL Database ledger tables. If you've checked **Enable automatic digest storage** when [creating your Azure SQL Database](ledger-create-a-single-database-with-ledger-enabled.md), follow the Azure portal instructions to automatically generate the Transact-SQL (T-SQL) script needed to verify the database ledger in [Query Editor](connect-query-portal.md). Otherwise, follow the T-SQL instructions using either [SQL Server Management Studio (SSMS)](/sql/ssms/download-sql-server-management-studio-ssms) or [Azure Data Studio](/sql/azure-data-studio/download-azure-data-studio). + +## Prerequisite + +- An active Azure subscription. If you don't have one, [create a free account](https://azure.microsoft.com/free/). +- [Create an Azure SQL Database with ledger enabled.](ledger-create-a-single-database-with-ledger-enabled.md) +- [Create and use updatable ledger tables](ledger-how-to-updatable-ledger-tables.md) or [Create and use append-only ledger tables](ledger-how-to-append-only-ledger-tables.md) + +## Run ledger verification for Azure SQL Database + +# [Portal](#tab/azure-portal) + +1. Open the [Azure portal](https://portal.azure.com/), select **All resources** and locate the database you want to verify. Select that SQL database. + + :::image type="content" source="media/ledger/ledger-portal-all-resources.png" alt-text="Azure portal showing with All resources tab"::: + +1. In **Security**, select the **Ledger** option. + + :::image type="content" source="media/ledger/ledger-portal-manage-ledger.png" alt-text="Azure portal ledger security tab"::: + +1. In the **Ledger** pane, select the ** Verify database** button, and select the **copy** icon in the pre-populated text in the window. + + :::image type="content" source="media/ledger/ledger-portal-verify.png" alt-text="Azure portal verify database button"::: + +1. Open **Query Editor** in the left menu. + + :::image type="content" source="media/ledger/ledger-portal-open-query-editor.png" alt-text="Azure portal query editor button"::: + +1. In **Query editor**, paste the T-SQL script you copied in Step 3, and select **Run**. + + :::image type="content" source="media/ledger/ledger-portal-run-query-editor.png" alt-text="Azure portal run query editor to verify the database"::: + +1. Successful verification will return the following in the **Results** window. + + - If there was no tampering in your database, the message will be as follows: + + ```output + Ledger verification successful + ``` + + - If there was tampering in your database, the following error will be in the **Messages** window. + + ```output + Failed to execute query. Error: The hash of block xxxx in the database ledger does not match the hash provided in the digest for this block. + ``` + +# [T-SQL](#tab/t-sql) + +1. Connect to your database using either [SQL Server Management Studio](/sql/ssms/download-sql-server-management-studio-ssms) or [Azure Data Studio](/sql/azure-data-studio/download-azure-data-studio). +1. Create a new query with the following T-SQL statement. + + ```sql + /****** This will retrieve the latest digest file ******/ + EXECUTE sp_generate_database_ledger_digest + ``` + +1. Execute the query. The results contain the latest database digest, and represent the hash of the database at the current point in time. Copy the contents of the results to be used in the next step. + + :::image type="content" source="media/ledger/ledger-retrieve-digest.png" alt-text="Retrieve digest results using Azure Data Studio"::: + +1. Create a new query with the following T-SQL statement. Replace `` with the digest you copied in the previous step. + + ``` + /****** Verifies the integrity of the ledger using the referenced digest ******/ + EXECUTE sp_verify_database_ledger N' + + ' + ``` + +1. Execute the query. The **Messages** will contain the success message below. + + :::image type="content" source="media/ledger/ledger-verify-message.png" alt-text="Message after running T-SQL query for ledger verification using Azure Data Studio"::: + + > [!TIP] + > Running ledger verification with the latest digest will only verify the database from the time the digest was generated until the time the verification was run. To verify that the historical data in your database was not tampered with, run verification using multiple database digest files. Start with the point in time which you want to verify the database. An example of a verification passing multiple digests would look similar to the below query: + + ``` + EXECUTE sp_verify_database_ledger N' + [ + { + "database_name": "ledgerdb", + "block_id": 0, + "hash": "0xDC160697D823C51377F97020796486A59047EBDBF77C3E8F94EEE0FFF7B38A6A", + "last_transaction_commit_time": "2020-11-12T18:01:56.6200000", + "digest_time": "2020-11-12T18:39:27.7385724" + }, + { + "database_name": "ledgerdb", + "block_id": 1, + "hash": "0xE5BE97FDFFA4A16ADF7301C8B2BEBC4BAE5895CD76785D699B815ED2653D9EF8", + "last_transaction_commit_time": "2020-11-12T18:39:35.6633333", + "digest_time": "2020-11-12T18:43:30.4701575" + } + ] + ``` + +--- + +## Next steps + +- [Azure SQL Database ledger Overview](ledger-overview.md) +- [Database ledger](ledger-database-ledger.md) +- [Digest management and database verification](ledger-digest-management-and-database-verification.md) +- [Append-only ledger tables](ledger-append-only-ledger-tables.md) +- [Updatable ledger tables](ledger-updatable-ledger-tables.md) +- [How to access the digests stored in Azure Confidential Ledger (ACL)](ledger-how-to-access-acl-digest.md) diff --git a/azure-sql/database/logical-servers.md b/azure-sql/database/logical-servers.md index 504c1da2930..7ecdcd4da8b 100644 --- a/azure-sql/database/logical-servers.md +++ b/azure-sql/database/logical-servers.md @@ -4,12 +4,12 @@ titleSuffix: "" description: Learn about logical SQL servers used by Azure SQL Database and Azure Synapse Analytics, and how to manage them. services: sql-database ms.service: sql-database -ms.subservice: single-database +ms.subservice: service-overview ms.custom: ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 03/12/2019 --- diff --git a/azure-sql/database/logins-create-manage.md b/azure-sql/database/logins-create-manage.md index b184914e520..141d8262c0b 100644 --- a/azure-sql/database/logins-create-manage.md +++ b/azure-sql/database/logins-create-manage.md @@ -9,9 +9,9 @@ ms.subservice: security ms.custom: sqldbrb=3 ms.devlang: ms.topic: conceptual -author: VanMSFT -ms.author: vanto -ms.reviewer: sstein +author: AndreasWolter +ms.author: anwolter +ms.reviewer: vanto, mathoma ms.date: 03/23/2020 --- # Authorize database access to SQL Database, SQL Managed Instance, and Azure Synapse Analytics diff --git a/azure-sql/database/long-term-backup-retention-configure.md b/azure-sql/database/long-term-backup-retention-configure.md index abad1851491..bfe56ccea3f 100644 --- a/azure-sql/database/long-term-backup-retention-configure.md +++ b/azure-sql/database/long-term-backup-retention-configure.md @@ -4,12 +4,12 @@ description: "Learn how to store and restore automated backups for Azure SQL Dat services: sql-database ms.service: sql-db-mi ms.subservice: backup-restore -ms.custom: +ms.custom: devx-track-azurepowershell ms.devlang: ms.topic: how-to -author: anosov1960 -ms.author: sashan -ms.reviewer: mathoma, sstein +author: shkale-msft +ms.author: shkale +ms.reviewer: mathoma ms.date: 12/16/2020 --- diff --git a/azure-sql/database/long-term-retention-overview.md b/azure-sql/database/long-term-retention-overview.md index ed4081bc67a..1a51464108f 100644 --- a/azure-sql/database/long-term-retention-overview.md +++ b/azure-sql/database/long-term-retention-overview.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Database & Azure SQL Managed Instance description: Learn how Azure SQL Database & Azure SQL Managed Instance support storing full database backups for up to 10 years via the long-term retention policy. services: sql-database ms.service: sql-database -ms.subservice: operations +ms.subservice: backup-restore ms.custom: ms.devlang: ms.topic: conceptual -author: shkale +author: shkale-msft ms.author: shkale -ms.reviewer: mathoma, sstein +ms.reviewer: mathoma ms.date: 02/25/2021 --- # Long-term retention - Azure SQL Database and Azure SQL Managed Instance diff --git a/azure-sql/database/maintenance-window-configure.md b/azure-sql/database/maintenance-window-configure.md index ef143ed8754..4159ca4e5f7 100644 --- a/azure-sql/database/maintenance-window-configure.md +++ b/azure-sql/database/maintenance-window-configure.md @@ -3,11 +3,11 @@ title: Configure maintenance window (Preview) description: Learn how to set the time when planned maintenance should be performed on your Azure SQL databases, elastic pools, and managed instance databases. services: sql-database ms.service: sql-db-mi -ms.subservice: service +ms.subservice: deployment-configuration ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: scott-kim-sql +ms.author: scottkim +ms.reviewer: mathoma ms.date: 03/23/2021 --- # Configure maintenance window (Preview) diff --git a/azure-sql/database/maintenance-window-faq.yml b/azure-sql/database/maintenance-window-faq.yml index 46555efb0bd..3bc80778003 100644 --- a/azure-sql/database/maintenance-window-faq.yml +++ b/azure-sql/database/maintenance-window-faq.yml @@ -4,7 +4,7 @@ metadata: description: FAQ on how the Azure SQL Database and managed instance maintenance window can be configured. services: sql-database ms.service: sql-db-mi - ms.subservice: service + ms.subservice: service-overview ms.topic: reference author: WilliamDAssafMSFT ms.author: wiassaf diff --git a/azure-sql/database/maintenance-window.md b/azure-sql/database/maintenance-window.md index 5277d514a2e..c5e6a322344 100644 --- a/azure-sql/database/maintenance-window.md +++ b/azure-sql/database/maintenance-window.md @@ -3,13 +3,13 @@ title: Maintenance Window description: Understand how the Azure SQL Database and managed instance maintenance window can be configured. services: sql-database ms.service: sql-db-mi -ms.subservice: service +ms.subservice: service-overview ms.topic: conceptual author: WilliamDAssafMSFT ms.author: wiassaf ms.reviewer: sstein ms.custom: references_regions -ms.date: 04/28/2021 +ms.date: 05/25/2021 --- # Maintenance window (Preview) @@ -40,7 +40,7 @@ You can further adjust the maintenance updates to a time suitable to your Azure * Weekday window, 10PM to 6AM local time Monday - Thursday * Weekend window, 10PM to 6AM local time Friday - Sunday -Once the maintenance window selection is made and service configuration completed, planned maintenance will occur only during the window of your choice. +Once the maintenance window selection is made and service configuration completed, planned maintenance will occur only during the window of your choice. While maintenance events typically complete within a single window, some of them may span two or more adjacent windows. > [!Important] > In very rare circumstances where any postponement of action could cause serious impact, like applying critical security patch, configured maintenance window may be temporarily overriden. @@ -103,7 +103,7 @@ For more on the client connection policy in Azure SQL Managed Instance see [Azur ## Considerations for Azure SQL Managed Instance -Azure SQL Managed Instance consists of service components hosted on a dedicated set of isolated virtual machines that run inside the customer's virtual network subnet. These virtual machines form [virtual cluster(s)](../managed-instance/connectivity-architecture-overview.md#high-level-connectivity-architecture) that can host multiple managed instances. Maintenance window configured on instances of one subnet can influence the number of virtual clusters within the subnet and distribution of instances among virtual clusters. This may require a consideration of few effects. +Azure SQL Managed Instance consists of service components hosted on a dedicated set of isolated virtual machines that run inside the customer's virtual network subnet. These virtual machines form [virtual cluster(s)](../managed-instance/connectivity-architecture-overview.md#high-level-connectivity-architecture) that can host multiple managed instances. Maintenance window configured on instances of one subnet can influence the number of virtual clusters within the subnet, distribution of instances among virtual clusters, and virtual cluster management operations. This may require a consideration of few effects. ### Maintenance window configuration is long running operation All instances hosted in a virtual cluster share the maintenance window. By default, all managed instances are hosted in the virtual cluster with the default maintenance window. Specifying another maintenance window for managed instance during its creation or afterwards means that it must be placed in virtual cluster with corresponding maintenance window. If there is no such virtual cluster in the subnet, a new one must be created first to accommodate the instance. Accommodating additional instance in the existing virtual cluster may require cluster resize. Both operations contribute to the duration of configuring maintenance window for a managed instance. @@ -121,6 +121,10 @@ Configuring and changing maintenance window causes change of the IP address of t > [!Important] > Make sure that NSG and firewall rules won't block data traffic after IP address change. +### Serialization of virtual cluster management operations +Operations affecting the virtual cluster, like service upgrades and virtual cluster resize (adding new or removing unneeded compute nodes) are serialized. In other words, a new virtual cluster management operation cannot start until the previous one is completed. In case that maintenance window closes before the ongoing service upgrade or maintenance operation is completed, any other virtual cluster management operations submitted in the meantime will be put on hold until next maintenance window opens and service upgrade or maintenance operation completes. It is not common for a maintenance operation to take longer than a single window per virtual cluster, but it can happen in case of very complex maintenance operations. +The serialization of virtual cluster management operations is general behavior that applies to the default maintenance policy as well. With a maintenance window schedule configured, the period between two adjacent windows can be few days long. Submitted operations can also be on hold for few days if the maintenance operation spans two windows. That is very rare case, but creation of new instances or resize of the existing instances (if additional compute nodes are needed) may be blocked during this period. + ## Next steps * [Advance notifications](advance-notifications.md) diff --git a/azure-sql/database/manage-application-rolling-upgrade.md b/azure-sql/database/manage-application-rolling-upgrade.md index b8222a70463..072bd1462fe 100644 --- a/azure-sql/database/manage-application-rolling-upgrade.md +++ b/azure-sql/database/manage-application-rolling-upgrade.md @@ -4,12 +4,12 @@ description: Learn how to use Azure SQL Database geo-replication to support roll services: sql-database ms.service: sql-database ms.subservice: high-availability -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: ms.topic: how-to -author: anosov1960 -ms.author: sashan -ms.reviewer: mathoma, sstein +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 02/13/2019 --- diff --git a/azure-sql/database/manage-data-after-migrating-to-database.md b/azure-sql/database/manage-data-after-migrating-to-database.md index 002d1a8c9ba..9e35bdbdb5a 100644 --- a/azure-sql/database/manage-data-after-migrating-to-database.md +++ b/azure-sql/database/manage-data-after-migrating-to-database.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Database description: Learn how to manage your single and pooled databases after migration to Azure SQL Database. services: sql-database ms.service: sql-database -ms.subservice: service +ms.subservice: migration ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: joesackmsft -ms.author: josack -ms.reviewer: sstein +author: mokabiru +ms.author: mokabiru +ms.reviewer: mathoma ms.date: 02/13/2019 --- # New DBA in the cloud – Managing Azure SQL Database after migration diff --git a/azure-sql/database/media/always-encrypted-enclaves/connect-to-server-configure-attestation.png b/azure-sql/database/media/always-encrypted-enclaves/connect-to-server-configure-attestation.png index 68c13b4fbb2..62e431d40f1 100644 Binary files a/azure-sql/database/media/always-encrypted-enclaves/connect-to-server-configure-attestation.png and b/azure-sql/database/media/always-encrypted-enclaves/connect-to-server-configure-attestation.png differ diff --git a/azure-sql/database/media/always-encrypted-enclaves/connect-without-always-encrypted-ssms.png b/azure-sql/database/media/always-encrypted-enclaves/connect-without-always-encrypted-ssms.png index 8e0481fbd14..5bdb821ee3c 100644 Binary files a/azure-sql/database/media/always-encrypted-enclaves/connect-without-always-encrypted-ssms.png and b/azure-sql/database/media/always-encrypted-enclaves/connect-without-always-encrypted-ssms.png differ diff --git a/azure-sql/database/media/always-encrypted-enclaves/portal-attest-uri.png b/azure-sql/database/media/always-encrypted-enclaves/portal-attest-uri.png new file mode 100644 index 00000000000..96da66482cf Binary files /dev/null and b/azure-sql/database/media/always-encrypted-enclaves/portal-attest-uri.png differ diff --git a/azure-sql/database/media/always-encrypted-enclaves/portal-configure-attestation-policy.png b/azure-sql/database/media/always-encrypted-enclaves/portal-configure-attestation-policy.png new file mode 100644 index 00000000000..d7b6653e5e3 Binary files /dev/null and b/azure-sql/database/media/always-encrypted-enclaves/portal-configure-attestation-policy.png differ diff --git a/azure-sql/database/media/always-encrypted-enclaves/portal-configure-database-networking.png b/azure-sql/database/media/always-encrypted-enclaves/portal-configure-database-networking.png new file mode 100644 index 00000000000..a29b4cebe2b Binary files /dev/null and b/azure-sql/database/media/always-encrypted-enclaves/portal-configure-database-networking.png differ diff --git a/azure-sql/database/media/always-encrypted-enclaves/portal-configure-database.png b/azure-sql/database/media/always-encrypted-enclaves/portal-configure-database.png new file mode 100644 index 00000000000..34d8f1b6bfb Binary files /dev/null and b/azure-sql/database/media/always-encrypted-enclaves/portal-configure-database.png differ diff --git a/azure-sql/database/media/always-encrypted-enclaves/portal-configure-dc-series-database-basics.png b/azure-sql/database/media/always-encrypted-enclaves/portal-configure-dc-series-database-basics.png new file mode 100644 index 00000000000..a705560a12f Binary files /dev/null and b/azure-sql/database/media/always-encrypted-enclaves/portal-configure-dc-series-database-basics.png differ diff --git a/azure-sql/database/media/always-encrypted-enclaves/portal-configure-dc-series-database.png b/azure-sql/database/media/always-encrypted-enclaves/portal-configure-dc-series-database.png new file mode 100644 index 00000000000..45621632edb Binary files /dev/null and b/azure-sql/database/media/always-encrypted-enclaves/portal-configure-dc-series-database.png differ diff --git a/azure-sql/database/media/always-encrypted-enclaves/portal-create-attestation-provider-basics.png b/azure-sql/database/media/always-encrypted-enclaves/portal-create-attestation-provider-basics.png new file mode 100644 index 00000000000..d482a313aaa Binary files /dev/null and b/azure-sql/database/media/always-encrypted-enclaves/portal-create-attestation-provider-basics.png differ diff --git a/azure-sql/database/media/always-encrypted-enclaves/portal-edit-attestation-policy.png b/azure-sql/database/media/always-encrypted-enclaves/portal-edit-attestation-policy.png new file mode 100644 index 00000000000..c8bac4a668f Binary files /dev/null and b/azure-sql/database/media/always-encrypted-enclaves/portal-edit-attestation-policy.png differ diff --git a/azure-sql/database/media/connectivity-architecture/connectivity-onprem.png b/azure-sql/database/media/connectivity-architecture/connectivity-onprem.png index bd34c6e514c..ce54cd280d5 100644 Binary files a/azure-sql/database/media/connectivity-architecture/connectivity-onprem.png and b/azure-sql/database/media/connectivity-architecture/connectivity-onprem.png differ diff --git a/azure-sql/database/media/ledger/append-only-how-to-1.png b/azure-sql/database/media/ledger/append-only-how-to-1.png new file mode 100644 index 00000000000..607341028f8 Binary files /dev/null and b/azure-sql/database/media/ledger/append-only-how-to-1.png differ diff --git a/azure-sql/database/media/ledger/append-only-how-to-keycardevent-table.png b/azure-sql/database/media/ledger/append-only-how-to-keycardevent-table.png new file mode 100644 index 00000000000..407cc4af441 Binary files /dev/null and b/azure-sql/database/media/ledger/append-only-how-to-keycardevent-table.png differ diff --git a/azure-sql/database/media/ledger/automatic-digest-management.png b/azure-sql/database/media/ledger/automatic-digest-management.png new file mode 100644 index 00000000000..623ed3a8d02 Binary files /dev/null and b/azure-sql/database/media/ledger/automatic-digest-management.png differ diff --git a/azure-sql/database/media/ledger/database-ledger-1.png b/azure-sql/database/media/ledger/database-ledger-1.png new file mode 100644 index 00000000000..5b6e0556112 Binary files /dev/null and b/azure-sql/database/media/ledger/database-ledger-1.png differ diff --git a/azure-sql/database/media/ledger/ledger-configure-ledger-pane.png b/azure-sql/database/media/ledger/ledger-configure-ledger-pane.png new file mode 100644 index 00000000000..592020cf51e Binary files /dev/null and b/azure-sql/database/media/ledger/ledger-configure-ledger-pane.png differ diff --git a/azure-sql/database/media/ledger/ledger-configure-ledger-security-tab.png b/azure-sql/database/media/ledger/ledger-configure-ledger-security-tab.png new file mode 100644 index 00000000000..43600effc14 Binary files /dev/null and b/azure-sql/database/media/ledger/ledger-configure-ledger-security-tab.png differ diff --git a/azure-sql/database/media/ledger/ledger-create-database-networking-tab.png b/azure-sql/database/media/ledger/ledger-create-database-networking-tab.png new file mode 100644 index 00000000000..19a52475927 Binary files /dev/null and b/azure-sql/database/media/ledger/ledger-create-database-networking-tab.png differ diff --git a/azure-sql/database/media/ledger/ledger-portal-all-resources.png b/azure-sql/database/media/ledger/ledger-portal-all-resources.png new file mode 100644 index 00000000000..12befb74caa Binary files /dev/null and b/azure-sql/database/media/ledger/ledger-portal-all-resources.png differ diff --git a/azure-sql/database/media/ledger/ledger-portal-manage-ledger.png b/azure-sql/database/media/ledger/ledger-portal-manage-ledger.png new file mode 100644 index 00000000000..d98c2ba96d4 Binary files /dev/null and b/azure-sql/database/media/ledger/ledger-portal-manage-ledger.png differ diff --git a/azure-sql/database/media/ledger/ledger-portal-open-query-editor.png b/azure-sql/database/media/ledger/ledger-portal-open-query-editor.png new file mode 100644 index 00000000000..e42b445b7a9 Binary files /dev/null and b/azure-sql/database/media/ledger/ledger-portal-open-query-editor.png differ diff --git a/azure-sql/database/media/ledger/ledger-portal-run-query-editor.png b/azure-sql/database/media/ledger/ledger-portal-run-query-editor.png new file mode 100644 index 00000000000..7333327604c Binary files /dev/null and b/azure-sql/database/media/ledger/ledger-portal-run-query-editor.png differ diff --git a/azure-sql/database/media/ledger/ledger-portal-verify.png b/azure-sql/database/media/ledger/ledger-portal-verify.png new file mode 100644 index 00000000000..99d4ceee3a0 Binary files /dev/null and b/azure-sql/database/media/ledger/ledger-portal-verify.png differ diff --git a/azure-sql/database/media/ledger/ledger-retrieve-digest.png b/azure-sql/database/media/ledger/ledger-retrieve-digest.png new file mode 100644 index 00000000000..11053d5b15c Binary files /dev/null and b/azure-sql/database/media/ledger/ledger-retrieve-digest.png differ diff --git a/azure-sql/database/media/ledger/ledger-review-security-tab.png b/azure-sql/database/media/ledger/ledger-review-security-tab.png new file mode 100644 index 00000000000..cacdf427c28 Binary files /dev/null and b/azure-sql/database/media/ledger/ledger-review-security-tab.png differ diff --git a/azure-sql/database/media/ledger/ledger-table-architecture-append-only.png b/azure-sql/database/media/ledger/ledger-table-architecture-append-only.png new file mode 100644 index 00000000000..d3170681c4f Binary files /dev/null and b/azure-sql/database/media/ledger/ledger-table-architecture-append-only.png differ diff --git a/azure-sql/database/media/ledger/ledger-table-architecture.png b/azure-sql/database/media/ledger/ledger-table-architecture.png new file mode 100644 index 00000000000..6993bf007e1 Binary files /dev/null and b/azure-sql/database/media/ledger/ledger-table-architecture.png differ diff --git a/azure-sql/database/media/ledger/ledger-updatable-how-to-new-tables.png b/azure-sql/database/media/ledger/ledger-updatable-how-to-new-tables.png new file mode 100644 index 00000000000..8b8e240f495 Binary files /dev/null and b/azure-sql/database/media/ledger/ledger-updatable-how-to-new-tables.png differ diff --git a/azure-sql/database/media/ledger/ledger-verify-message.png b/azure-sql/database/media/ledger/ledger-verify-message.png new file mode 100644 index 00000000000..ae3c3047916 Binary files /dev/null and b/azure-sql/database/media/ledger/ledger-verify-message.png differ diff --git a/azure-sql/database/media/ledger/merkle-tree.png b/azure-sql/database/media/ledger/merkle-tree.png new file mode 100644 index 00000000000..a7e9c7d4b3f Binary files /dev/null and b/azure-sql/database/media/ledger/merkle-tree.png differ diff --git a/azure-sql/database/media/ledger/sql-updatable-how-to-1.png b/azure-sql/database/media/ledger/sql-updatable-how-to-1.png new file mode 100644 index 00000000000..dd82056f1cf Binary files /dev/null and b/azure-sql/database/media/ledger/sql-updatable-how-to-1.png differ diff --git a/azure-sql/database/media/ledger/sql-updatable-how-to-2.png b/azure-sql/database/media/ledger/sql-updatable-how-to-2.png new file mode 100644 index 00000000000..dabbd23c816 Binary files /dev/null and b/azure-sql/database/media/ledger/sql-updatable-how-to-2.png differ diff --git a/azure-sql/database/media/ledger/sql-updatable-how-to-3.png b/azure-sql/database/media/ledger/sql-updatable-how-to-3.png new file mode 100644 index 00000000000..fd59a52a5c3 Binary files /dev/null and b/azure-sql/database/media/ledger/sql-updatable-how-to-3.png differ diff --git a/azure-sql/database/metrics-diagnostic-telemetry-logging-streaming-export-configure.md b/azure-sql/database/metrics-diagnostic-telemetry-logging-streaming-export-configure.md index d0265450e9b..043d49d281b 100644 --- a/azure-sql/database/metrics-diagnostic-telemetry-logging-streaming-export-configure.md +++ b/azure-sql/database/metrics-diagnostic-telemetry-logging-streaming-export-configure.md @@ -4,7 +4,7 @@ description: Learn how to configure streaming export of metrics and resource log services: sql-database ms.service: sql-db-mi ms.subservice: performance -ms.custom: seoapril2019 +ms.custom: seoapril2019, devx-track-azurepowershell ms.devlang: sqldbrb=2 ms.topic: how-to author: danimir @@ -752,4 +752,4 @@ To learn about Event Hubs, read: To learn how to set up alerts based on telemetry from log analytics see: -- [Creating alerts for Azure SQL Database and Azure SQL Managed Instance](../../azure-monitor/insights/azure-sql.md#analyze-data-and-create-alerts) \ No newline at end of file +- [Creating alerts for Azure SQL Database and Azure SQL Managed Instance](../../azure-monitor/insights/azure-sql.md#analyze-data-and-create-alerts) diff --git a/azure-sql/database/migrate-dtu-to-vcore.md b/azure-sql/database/migrate-dtu-to-vcore.md index be467f07637..e4b1ca0cdf7 100644 --- a/azure-sql/database/migrate-dtu-to-vcore.md +++ b/azure-sql/database/migrate-dtu-to-vcore.md @@ -3,12 +3,12 @@ title: Migrate from DTU to vCore description: Migrate a database in Azure SQL Database from the DTU model to the vCore model. Migrating to vCore is similar to upgrading or downgrading between the standard and premium tiers. services: sql-database ms.service: sql-database -ms.subservice: service +ms.subservice: service-overview ms.topic: conceptual ms.custom: sqldbrb=1 -author: WilliamDAssafMSFT -ms.author: wiassaf -ms.reviewer: sashan, moslake +author: dimitri-furman +ms.author: dfurman +ms.reviewer: mathoma, moslake ms.date: 02/09/2021 --- # Migrate Azure SQL Database from the DTU-based model to the vCore-based model diff --git a/azure-sql/database/migrate-sqlite-db-to-azure-sql-serverless-offline-tutorial.md b/azure-sql/database/migrate-sqlite-db-to-azure-sql-serverless-offline-tutorial.md index 092633fce96..457f5c2f62a 100644 --- a/azure-sql/database/migrate-sqlite-db-to-azure-sql-serverless-offline-tutorial.md +++ b/azure-sql/database/migrate-sqlite-db-to-azure-sql-serverless-offline-tutorial.md @@ -5,10 +5,12 @@ services: sql-database author: joplum ms.author: joplum ms.service: sql-database +ms.subservice: migration ms.workload: data-services ms.topic: tutorial ms.date: 01/08/2020 ms.custom: sqldbrb=1 +ms.reviewer: mathoma --- # How to migrate your SQLite database to Azure SQL Database serverless diff --git a/azure-sql/database/migrate-to-database-from-sql-server.md b/azure-sql/database/migrate-to-database-from-sql-server.md index a2faec5e7e2..5b106a559e5 100644 --- a/azure-sql/database/migrate-to-database-from-sql-server.md +++ b/azure-sql/database/migrate-to-database-from-sql-server.md @@ -8,9 +8,9 @@ ms.subservice: migration ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: mokabiru +ms.author: mokabiru +ms.reviewer: mathoma ms.date: 02/11/2019 --- # SQL Server database migration to Azure SQL Database diff --git a/azure-sql/database/move-resources-across-regions.md b/azure-sql/database/move-resources-across-regions.md index 27c3ea0c953..94c1fceb37e 100644 --- a/azure-sql/database/move-resources-across-regions.md +++ b/azure-sql/database/move-resources-across-regions.md @@ -8,8 +8,8 @@ ms.subservice: data-movement ms.custom: sqldbrb=2 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein +author: rothja +ms.author: jroth ms.reviewer: ms.date: 06/25/2019 --- diff --git a/azure-sql/database/network-access-controls-overview.md b/azure-sql/database/network-access-controls-overview.md index 7a4a20c136e..78e527854b6 100644 --- a/azure-sql/database/network-access-controls-overview.md +++ b/azure-sql/database/network-access-controls-overview.md @@ -5,7 +5,7 @@ description: Overview of how to manage and control network access for Azure SQL services: sql-database ms.service: sql-database ms.subservice: security -ms.custom: sqldbrb=3 +ms.custom: sqldbrb=3, devx-track-azurepowershell ms.devlang: ms.topic: conceptual author: rohitnayakmsft diff --git a/azure-sql/database/planned-maintenance.md b/azure-sql/database/planned-maintenance.md index fe6765f8b82..a422556261c 100644 --- a/azure-sql/database/planned-maintenance.md +++ b/azure-sql/database/planned-maintenance.md @@ -3,13 +3,13 @@ title: Plan for Azure maintenance events description: Learn how to prepare for planned maintenance events in Azure SQL Database and Azure SQL Managed Instance. services: sql-database ms.service: sql-db-mi -ms.subservice: service +ms.subservice: service-overview ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual author: aamalvea ms.author: aamalvea -ms.reviewer: sstein +ms.reviewer: mathoma ms.date: 3/23/2021 --- diff --git a/azure-sql/database/policy-reference.md b/azure-sql/database/policy-reference.md index 136e964dcbf..0b9aef3e30f 100644 --- a/azure-sql/database/policy-reference.md +++ b/azure-sql/database/policy-reference.md @@ -3,9 +3,11 @@ title: Built-in policy definitions for Azure SQL Database description: Lists Azure Policy built-in policy definitions for Azure SQL Database and SQL Managed Instance. These built-in policy definitions provide common approaches to managing your Azure resources. ms.date: 05/14/2021 ms.topic: reference -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma + ms.service: sql-database +ms.subservice: service-overview ms.custom: subject-policy-reference --- # Azure Policy built-in definitions for Azure SQL Database & SQL Managed Instance diff --git a/azure-sql/database/powershell-script-content-guide.md b/azure-sql/database/powershell-script-content-guide.md index d4f9cabb99c..124b1a27069 100644 --- a/azure-sql/database/powershell-script-content-guide.md +++ b/azure-sql/database/powershell-script-content-guide.md @@ -7,8 +7,8 @@ ms.subservice: development ms.custom: sqldbrb=2 ms.devlang: PowerShell ms.topic: sample -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 03/25/2019 --- diff --git a/azure-sql/database/purchasing-models.md b/azure-sql/database/purchasing-models.md index 02c45038042..71eacdf35b5 100644 --- a/azure-sql/database/purchasing-models.md +++ b/azure-sql/database/purchasing-models.md @@ -4,12 +4,12 @@ titleSuffix: Azure SQL Database & SQL Managed Instance description: Learn about the purchasing models that are available for Azure SQL Database and Azure SQL Managed Instance. services: sql-database ms.service: sql-db-mi -ms.subservice: features +ms.subservice: service-overview ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: WilliamDAssafMSFT -ms.author: wiassaf +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 05/28/2020 --- diff --git a/azure-sql/database/quickstart-content-reference-guide.md b/azure-sql/database/quickstart-content-reference-guide.md index 7dbded13027..c7c63e70c84 100644 --- a/azure-sql/database/quickstart-content-reference-guide.md +++ b/azure-sql/database/quickstart-content-reference-guide.md @@ -1,14 +1,14 @@ --- title: Single database quickstart content reference -description: 'Find a content reference of all the quickstarts that will help you quickly get started with single databases in Azure SQL Database.' +description: 'Find a content reference of all the quickstarts that help you quickly get started with Azure SQL Database.' services: sql-database ms.service: sql-database -ms.subservice: single-database +ms.subservice: service-overview ms.custom: sqldbrb=1 ms.devlang: ms.topic: guide -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 07/29/2019 --- diff --git a/azure-sql/database/quota-increase-request.md b/azure-sql/database/quota-increase-request.md index 25cb4eeccf5..d73c122aeb4 100644 --- a/azure-sql/database/quota-increase-request.md +++ b/azure-sql/database/quota-increase-request.md @@ -3,11 +3,11 @@ title: Request a quota increase description: This page describes how to create a support request to increase the quotas for Azure SQL Database and Azure SQL Managed Instance. services: sql-database ms.service: sql-db-mi -ms.subservice: service +ms.subservice: deployment-configuration ms.topic: how-to author: sachinpMSFT ms.author: sachinp -ms.reviewer: sstein +ms.reviewer: mathoma ms.date: 06/04/2020 --- @@ -49,7 +49,7 @@ Use the following steps to create a new support request from the Azure portal fo ![Enter details link](./media/quota-increase-request/provide-details-link.png) -Clicking **Enter details** displays the **Quota details** window that allows you to add additional information. The following sections describe the different options for **SQL Database** and **SQL Database Managed Instance** quota types. +Clicking **Enter details** displays the **Quota details** window that allows you to add additional information. The following sections describe the different options for **SQL Database** and **SQL Managed Instance** quota types. ## SQL Database quota types diff --git a/azure-sql/database/read-scale-out.md b/azure-sql/database/read-scale-out.md index fbc74f1e150..fdce2007b82 100644 --- a/azure-sql/database/read-scale-out.md +++ b/azure-sql/database/read-scale-out.md @@ -4,12 +4,12 @@ description: Azure SQL provides the ability to use the capacity of read-only rep services: sql-database ms.service: sql-database ms.subservice: scale-out -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: ms.topic: conceptual -author: anosov1960 -ms.author: sashan -ms.reviewer: sstein +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 01/20/2021 --- # Use read-only replicas to offload read-only query workloads @@ -191,4 +191,4 @@ In this fashion, creating a geo-replica provides two more read-only replicas for ## Next steps -- For information about SQL Database Hyperscale offering, see [Hyperscale service tier](service-tier-hyperscale.md). \ No newline at end of file +- For information about SQL Database Hyperscale offering, see [Hyperscale service tier](service-tier-hyperscale.md). diff --git a/azure-sql/database/recovery-using-backups.md b/azure-sql/database/recovery-using-backups.md index a61489ee6d8..4ac8943be5a 100644 --- a/azure-sql/database/recovery-using-backups.md +++ b/azure-sql/database/recovery-using-backups.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Database & SQL Managed Instance description: Learn about point-in-time restore, which enables you to roll back a database in Azure SQL Database or an instance in Azure SQL Managed Instance up to 35 days. services: sql-database ms.service: sql-db-mi -ms.subservice: service +ms.subservice: backup-restore ms.custom: ms.devlang: ms.topic: conceptual -author: anosov1960 -ms.author: sashan -ms.reviewer: mathoma, sstein, danil +author: shkale-msft +ms.author: shkale +ms.reviewer: mathoma danil ms.date: 11/13/2020 --- # Recover using automated database backups - Azure SQL Database & SQL Managed Instance @@ -185,7 +185,7 @@ For a PowerShell script that shows how to perform geo-restore for a managed inst ### Geo-restore considerations -You can't perform a point-in-time restore on a geo-secondary database. You can do so only on a primary database. For detailed information about using geo-restore to recover from an outage, see [Recover from an outage](../../key-vault/general/disaster-recovery-guidance.md). +You can't perform a point-in-time restore on a geo-secondary database. You can do so only on a primary database. For detailed information about using geo-restore to recover from an outage, see [Recover from an outage](disaster-recovery-guidance.md#recover-using-geo-restore). > [!IMPORTANT] > Geo-restore is the most basic disaster-recovery solution available in SQL Database and SQL Managed Instance. It relies on automatically created geo-replicated backups with a recovery point objective (RPO) up to 1 hour and an estimated recovery time of up to 12 hours. It doesn't guarantee that the target region will have the capacity to restore your databases after a regional outage, because a sharp increase of demand is likely. If your application uses relatively small databases and is not critical to the business, geo-restore is an appropriate disaster-recovery solution. diff --git a/azure-sql/database/replication-to-sql-database.md b/azure-sql/database/replication-to-sql-database.md index 119d0bb7b96..00cd281bff6 100644 --- a/azure-sql/database/replication-to-sql-database.md +++ b/azure-sql/database/replication-to-sql-database.md @@ -3,12 +3,12 @@ title: Azure SQL Server replication to Azure SQL Database description: You can configure a database in Azure SQL Database as the push subscriber in a one-way transactional or snapshot replication topology. services: sql-database ms.service: sql-database -ms.subservice: data-movement +ms.subservice: replication ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein +author: ferno-ms +ms.author: ferno ms.reviewer: mathoma ms.date: 04/28/2020 --- diff --git a/azure-sql/database/reserved-capacity-overview.md b/azure-sql/database/reserved-capacity-overview.md index 6fb2fb9dde1..e5aa3ce9123 100644 --- a/azure-sql/database/reserved-capacity-overview.md +++ b/azure-sql/database/reserved-capacity-overview.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Database & SQL Managed Instance description: Learn how to buy Azure SQL Database and SQL Managed Instance reserved capacity to save on your compute costs. services: sql-database ms.service: sql-db-mi -ms.subservice: features +ms.subservice: service-overview ms.custom: sqldbrb=2 ms.devlang: ms.topic: conceptual -author: anosov1960 -ms.author: sashan -ms.reviewer: sstein +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 10/13/2020 --- # Save costs for resources with reserved capacity - Azure SQL Database & SQL Managed Instance diff --git a/azure-sql/database/resource-health-to-troubleshoot-connectivity.md b/azure-sql/database/resource-health-to-troubleshoot-connectivity.md index b0eacf03aff..541ff8442ce 100644 --- a/azure-sql/database/resource-health-to-troubleshoot-connectivity.md +++ b/azure-sql/database/resource-health-to-troubleshoot-connectivity.md @@ -7,9 +7,9 @@ ms.subservice: performance ms.custom: sqldbrb=2 ms.devlang: ms.topic: conceptual -author: aamalvea -ms.author: aamalvea -ms.reviewer: wiassaf, sstein +author: AlainDormehlMSFT +ms.author: aldorme +ms.reviewer: mathoma, wiassaf ms.date: 03/24/2021 --- # Use Resource Health to troubleshoot connectivity for Azure SQL Database and Azure SQL Managed Instance diff --git a/azure-sql/database/resource-limits-dtu-elastic-pools.md b/azure-sql/database/resource-limits-dtu-elastic-pools.md index 084d3812d54..26c26ada815 100644 --- a/azure-sql/database/resource-limits-dtu-elastic-pools.md +++ b/azure-sql/database/resource-limits-dtu-elastic-pools.md @@ -7,9 +7,9 @@ ms.subservice: elastic-pools ms.custom: seo-lt-2019 sqldbrb=1 references_regions ms.devlang: ms.topic: reference -author: sachinpMSFT -ms.author: sachinp -ms.reviewer: sstein +author: dimitri-furman +ms.author: dfurman +ms.reviewer: mathoma ms.date: 04/09/2021 --- # Resources limits for elastic pools using the DTU purchasing model @@ -155,6 +155,8 @@ If all DTUs of an elastic pool are used, then each database in the pool receives > [!NOTE] > For `tempdb` limits, see [tempdb limits](/sql/relational-databases/databases/tempdb-database#tempdb-database-in-sql-database). +> +> For additional information on storage limits in the Premium service tier, see [Storage space governance](resource-limits-logical-server.md#storage-space-governance). ### Database properties for pooled databases diff --git a/azure-sql/database/resource-limits-dtu-single-databases.md b/azure-sql/database/resource-limits-dtu-single-databases.md index b29bc86d1ee..b3c7cd9e9ba 100644 --- a/azure-sql/database/resource-limits-dtu-single-databases.md +++ b/azure-sql/database/resource-limits-dtu-single-databases.md @@ -3,14 +3,14 @@ title: DTU resource limits single databases description: This page describes some common DTU resource limits for single databases in Azure SQL Database. services: sql-database ms.service: sql-database -ms.subservice: single-database +ms.subservice: service-overview ms.custom: references_regions, seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: reference -author: stevestein -ms.author: sstein -ms.reviewer: -ms.date: 04/09/2021 +author: dimitri-furman +ms.author: dfurman +ms.reviewer: mathoma +ms.date: 04/16/2021 --- # Resource limits for single databases using the DTU purchasing model - Azure SQL Database [!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] @@ -108,8 +108,11 @@ The following tables show the resources available for a single database at each > [!IMPORTANT] > More than 1 TB of storage in the Premium tier is currently available in all regions except: China East, China North, Germany Central, and Germany Northeast. In these regions, the storage max in the Premium tier is limited to 1 TB. For more information, see [P11-P15 current limitations](single-database-scale.md#p11-and-p15-constraints-when-max-size-greater-than-1-tb). + > [!NOTE] > For `tempdb` limits, see [tempdb limits](/sql/relational-databases/databases/tempdb-database#tempdb-database-in-sql-database). +> +> For additional information on storage limits in the Premium service tier, see [Storage space governance](resource-limits-logical-server.md#storage-space-governance). ## Next steps diff --git a/azure-sql/database/resource-limits-logical-server.md b/azure-sql/database/resource-limits-logical-server.md index 392f1a59659..f9e2094d594 100644 --- a/azure-sql/database/resource-limits-logical-server.md +++ b/azure-sql/database/resource-limits-logical-server.md @@ -3,14 +3,14 @@ title: Resource limits for logical servers in Azure description: This article provides an overview of the resource limits for the logical server in Azure used by Azure SQL Database and Azure Synapse Analytics. It also provides information regarding what happens when those resource limits are hit or exceeded. services: sql-database ms.service: sql-database -ms.subservice: single-database +ms.subservice: service-overview ms.custom: ms.devlang: ms.topic: reference -author: stevestein -ms.author: sstein -ms.reviewer: sashan,moslake,josack -ms.date: 03/25/2021 +author: dimitri-furman +ms.author: dfurman +ms.reviewer: mathoma +ms.date: 04/16/2021 --- # Resource limits for Azure SQL Database and Azure Synapse Analytics servers @@ -44,7 +44,7 @@ This article provides an overview of the resource limits for the [logical server ### Storage size -For single databases resource storage sizes, refer to either [DTU-based resource limits](resource-limits-dtu-single-databases.md) or [vCore-based resource limits](resource-limits-vcore-single-databases.md) for the storage size limits per pricing tier. +For single databases resource storage sizes, refer to either [DTU-based resource limits](resource-limits-dtu-single-databases.md) or [vCore-based resource limits](resource-limits-vcore-single-databases.md) for the storage size limits per pricing tier (also known as service objective). ## What happens when database resource limits are reached @@ -58,14 +58,17 @@ When encountering high compute utilization, mitigation options include: ### Storage -When database space used reaches the max size limit, database inserts and updates that increase the data size fail and clients receive an [error message](troubleshoot-common-errors-issues.md). SELECT and DELETE statements continue to succeed. +When database space used reaches the maximum data size limit, database inserts and updates that increase data size fail and clients receive an [error message](troubleshoot-common-errors-issues.md). SELECT and DELETE statements remain unaffected. + +In Premium and Business Critical service tiers, clients also receive an error message if combined storage consumption by data, transaction log, and tempdb exceeds maximum local storage size. For more information, see [Storage space governance](#storage-space-governance). When encountering high space utilization, mitigation options include: -- Increasing the max size of the database or elastic pool, or adding more storage. See [Scale single database resources](single-database-scale.md) and [Scale elastic pool resources](elastic-pool-scale.md). +- Increase maximum data size of the database or elastic pool, or scale up to a service objective with a higher maximum data size limit. See [Scale single database resources](single-database-scale.md) and [Scale elastic pool resources](elastic-pool-scale.md). - If the database is in an elastic pool, then alternatively the database can be moved outside of the pool so that its storage space isn't shared with other databases. -- Shrink a database to reclaim unused space. For more information, see [Manage file space in Azure SQL Database](file-space-manage.md). +- Shrink a database to reclaim unused space. In elastic pools, shrinking a database provides more storage for other databases in the pool. For more information, see [Manage file space in Azure SQL Database](file-space-manage.md). - Check if high space utilization is due to a spike in the size of Persistent Version Store (PVS). PVS is a part of each database, and is used to implement [Accelerated Database Recovery](../accelerated-database-recovery.md). To determine current PVS size, see [PVS troubleshooting](/sql/relational-databases/accelerated-database-recovery-management#troubleshooting). A common reason for large PVS size is a transaction that is open for a long time (hours), preventing cleanup of older versions in PVS. +- For large databases in Premium and Business Critical service tiers, you may receive an out-of-space error even though used space in the database is below its maximum size limit. This may happen if tempdb or transaction log consume a large amount of storage toward the maximum local storage limit. [Fail over](high-availability-sla.md#testing-application-fault-resiliency) the database or elastic pool to reset tempdb to its initial smaller size, or [shrink](file-space-manage.md#shrinking-transaction-log-file) transaction log to reduce local storage consumption. ### Sessions and workers (requests) @@ -127,7 +130,7 @@ Azure SQL Database resource governance is hierarchical in nature. From top to bo Data IO governance is a process in Azure SQL Database used to limit both read and write physical IO against data files of a database. IOPS limits are set for each service level to minimize the "noisy neighbor" effect, to provide resource allocation fairness in the multi-tenant service, and to stay within the capabilities of the underlying hardware and storage. -For single databases, workload group limits are applied to all storage IO against the database, while resource pool limits apply to all storage IO against all databases in the same resource pool, including the `tempdb` database. For elastic pools, workload group limits apply to each database in the pool, whereas resource pool limit applies to the entire elastic pool, including the `tempdb` database, which is shared among all databases in the pool. In general, resource pool limits may not be achievable by the workload against a database (either single or pooled), because workload group limits are lower than resource pool limits and limit IOPS/throughput sooner. However, pool limits may be reached by the combined workload against multiple databases on the same pool. +For single databases, workload group limits are applied to all storage IO against the database, while resource pool limits apply to all storage IO against all databases on the same dedicated SQL pool, including the tempdb database. For elastic pools, workload group limits apply to each database in the pool, whereas resource pool limit applies to the entire elastic pool, including the tempdb database, which is shared among all databases in the pool. In general, resource pool limits may not be achievable by the workload against a database (either single or pooled), because workload group limits are lower than resource pool limits and limit IOPS/throughput sooner. However, pool limits may be reached by the combined workload against multiple databases on the same pool. For example, if a query generates 1000 IOPS without any IO resource governance, but the workload group maximum IOPS limit is set to 900 IOPS, the query won't be able to generate more than 900 IOPS. However, if the resource pool maximum IOPS limit is set to 1500 IOPS, and the total IO from all workload groups associated with the resource pool exceeds 1500 IOPS, then the IO of the same query may be reduced below the workgroup limit of 900 IOPS. @@ -172,11 +175,40 @@ When encountering a log rate limit that is hampering desired scalability, consid ### Storage space governance -In Premium and Business Critical service tiers, data and transaction log files are stored on the local SSD volume of the machine hosting the database or elastic pool. This provides high IOPS and throughput, and low IO latency. The size of this local volume depends on hardware capabilities, and is finite. On a given machine, local volume space is consumed by customer databases including `tempdb`, the operating system, management software, monitoring data, logs, etc. As databases are created, deleted, and increase/decrease their space usage, local space consumption on a machine fluctuates over time. +In Premium and Business Critical service tiers, customer data including *data files*, *transaction log files*, and *tempdb files* is stored on the local SSD storage of the machine hosting the database or elastic pool. Local SSD storage provides high IOPS and throughput, and low IO latency. In addition to customer data, local storage is used for the operating system, management software, monitoring data and logs, and other files necessary for system operation. + +The size of local storage is finite and depends on hardware capabilities, which determine the **maximum local storage** limit, or local storage set aside for customer data. This limit is set to maximize customer data storage, while ensuring safe and reliable system operation. To find the **maximum local storage** value for each service objective, see resource limits documentation for [single databases](resource-limits-vcore-single-databases.md) and [elastic pools](resource-limits-vcore-elastic-pools.md). + +You can also find this value, and the amount of local storage currently used by a given database or elastic pool, using the following query: + +```tsql +SELECT server_name, database_name, slo_name, user_data_directory_space_quota_mb, user_data_directory_space_usage_mb +FROM sys.dm_user_db_resource_governance +WHERE database_id = DB_ID(); +``` + +|Column|Description| +| :----- | :----- | +|`server_name`|Logical server name| +|`database_name`|Database name| +|`slo_name`|Service objective name, including hardware generation| +|`user_data_directory_space_quota_mb`|**Maximum local storage**, in MB| +|`user_data_directory_space_usage_mb`|Current local storage consumption by data files, transaction log files, and tempdb files, in MB. Updated every five minutes.| +||| -If the system detects that available free space on a machine is low and a database or elastic pool is at risk of running out of space, it will move the database or elastic pool to a different machine with sufficient free space, allowing growth up to maximum size limits of the configured service objective. This move occurs in an online fashion, similarly to a database scaling operation, and has a similar [impact](single-database-scale.md#impact), including a short (seconds) failover at the end of the operation. This failover terminates open connections and rolls back transactions, potentially impacting applications using the database at that time. +This query should be executed in the user database, not in the master database. For elastic pools, the query can be executed in any database in the pool. Reported values apply to the entire pool. -Because data is physically copied to a different machine, moving larger databases may require a substantial amount of time. During that time, if local space consumption by a large user database or elastic pool, or by the `tempdb` database grows very rapidly, the risk of running out of space increases. The system initiates database movement in a balanced fashion to prevent out-of-space errors and to avoid unnecessary failovers. +> [!IMPORTANT] +> In Premium and Business Critical service tiers, if the workload attempts to increase combined local storage consumption by data files, transaction log files, and tempdb files over the **maximum local storage** limit, an out-of-space error will occur. + +As databases are created, deleted, and increase or decrease in size, local storage consumption on a machine fluctuates over time. If the system detects that available local storage on a machine is low, and a database or an elastic pool is at risk of running out of space, it will move the database or elastic pool to a different machine with sufficient local storage available. + +This move occurs in an online fashion, similarly to a database scaling operation, and has a similar [impact](single-database-scale.md#impact), including a short (seconds) failover at the end of the operation. This failover terminates open connections and rolls back transactions, potentially impacting applications using the database at that time. + +Because all data is copied to a local storage volume on a different machine, moving larger databases may require a substantial amount of time. During that time, if local space consumption by the database or elastic pool, or by the tempdb database grows rapidly, the risk of running out of space increases. The system initiates database movement in a balanced fashion to minimize out-of-space errors while avoiding unnecessary failovers. + +> [!NOTE] +> Database movement due to insufficient local storage only occurs in the Premium or Business Critical service tiers. It does not occur in the Hyperscale, General Purpose, Standard, and Basic service tiers, because in those tiers data files are not stored on local storage. ## Next steps diff --git a/azure-sql/database/resource-limits-vcore-elastic-pools.md b/azure-sql/database/resource-limits-vcore-elastic-pools.md index ccb407ce8c8..1428305eaf7 100644 --- a/azure-sql/database/resource-limits-vcore-elastic-pools.md +++ b/azure-sql/database/resource-limits-vcore-elastic-pools.md @@ -4,13 +4,13 @@ description: This page describes some common vCore resource limits for elastic p services: sql-database ms.service: sql-database ms.subservice: elastic-pools -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, references_regions ms.devlang: ms.topic: reference -author: oslake -ms.author: moslake -ms.reviewer: sstein -ms.date: 04/09/2021 +author: dimitri-furman +ms.author: dfurman +ms.reviewer: mathoma +ms.date: 04/16/2021 --- # Resource limits for elastic pools using the vCore purchasing model [!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] @@ -290,6 +290,7 @@ You can set the service tier, compute size (service objective), and storage amou |Max data size (GB)|1024|1024|1024|1024|1024| |Max log size (GB)|307|307|307|307|307| |TempDB max data size (GB)|64|96|128|160|192| +|[Max local storage size](resource-limits-logical-server.md#storage-space-governance) (GB)|1356|1356|1356|1356|1356| |IO latency (approximate)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)| |Max data IOPS per pool 2|9,000|13,500|18,000|22,500|27,000| |Max log rate per pool (MBps)|20|30|40|50|60| @@ -322,6 +323,7 @@ You can set the service tier, compute size (service objective), and storage amou |Max data size (GB)|1024|1024|1024|1024|1024|1024| |Max log size (GB)|307|307|307|307|307|307| |TempDB max data size (GB)|224|256|288|320|512|768| +|[Max local storage size](resource-limits-logical-server.md#storage-space-governance) (GB)|1356|1356|1356|1356|1356|1356| |IO latency (approximate)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)| |Max data IOPS per pool 2|31,500|36,000|40,500|45,000|72,000|96,000| |Max log rate per pool (MBps)|70|80|80|80|80|80| @@ -355,6 +357,7 @@ You can set the service tier, compute size (service objective), and storage amou |Max data size (GB)|1024|1536|1536|1536|3072|3072| |Max log size (GB)|307|307|461|461|922|922| |TempDB max data size (GB)|128|192|256|320|384|448| +|[Max local storage size](resource-limits-logical-server.md#storage-space-governance) (GB)|4829|4829|4829|4829|4829|4829| |Storage type|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD| |IO latency (approximate)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)| |Max data IOPS per pool 2|18,000|27,000|36,000|45,000|54,000|63,000| @@ -387,6 +390,7 @@ You can set the service tier, compute size (service objective), and storage amou |Max data size (GB)|3072|3072|3072|4096|4096|4096|4096| |Max log size (GB)|922|922|922|1229|1229|1229|1229| |TempDB max data size (GB)|512|576|640|768|1024|1280|2560| +|[Max local storage size](resource-limits-logical-server.md#storage-space-governance) (GB)|4829|4829|4829|4829|4829|4829|4829| |Storage type|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD| |IO latency (approximate)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)| |Max data IOPS per pool 2|72,000|81,000|90,000|108,000|144,000|180,000|256,000| @@ -421,6 +425,7 @@ You can set the service tier, compute size (service objective), and storage amou |Max data size (GB)|512|640|768|896|1024|1152| |Max log size (GB)|171|213|256|299|341|384| |TempDB max data size (GB)|256|320|384|448|512|576| +|[Max local storage size](resource-limits-logical-server.md#storage-space-governance) (GB)|13836|13836|13836|13836|13836|13836| |Storage type|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD| |IO latency (approximate)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)| |Max data IOPS per pool 2|12,499|15,624|18,748|21,873|24,998|28,123| @@ -455,6 +460,7 @@ If all vCores of an elastic pool are busy, then each database in the pool receiv |Max data size (GB)|1280|1536|2048|4096|4096| |Max log size (GB)|427|512|683|1024|1024| |TempDB max data size (GB)|640|768|1024|2048|4096| +|[Max local storage size](resource-limits-logical-server.md#storage-space-governance) (GB)|13836|13836|13836|13836|13836| |Storage type|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD| |IO latency (approximate)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)| |Max data IOPS per pool 2|31,248|37,497|49,996|99,993|160,000| @@ -488,6 +494,7 @@ If all vCores of an elastic pool are busy, then each database in the pool receiv |Max data size (GB)|768|768|768|768| |Max log size (GB)|230|230|230|230| |TempDB max data size (GB)|64|128|192|256| +|[Max local storage size](resource-limits-logical-server.md#storage-space-governance) (GB)|1406|1406|1406|1406| |Storage type|Local SSD|Local SSD|Local SSD|Local SSD| |IO latency (approximate)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)| |Max data IOPS per pool 2|15750|31500|47250|56000| diff --git a/azure-sql/database/resource-limits-vcore-single-databases.md b/azure-sql/database/resource-limits-vcore-single-databases.md index 9addd22123e..06d85b13214 100644 --- a/azure-sql/database/resource-limits-vcore-single-databases.md +++ b/azure-sql/database/resource-limits-vcore-single-databases.md @@ -3,14 +3,14 @@ title: Single database vCore resource limits description: This page describes some common vCore resource limits for a single database in Azure SQL Database. services: sql-database ms.service: sql-database -ms.subservice: single-database -ms.custom: sqldbrb=1 +ms.subservice: service-overview +ms.custom: sqldbrb=1, references_regions ms.devlang: ms.topic: reference -author: stevestein -ms.author: sstein -ms.reviewer: -ms.date: 04/09/2021 +author: dimitri-furman +ms.author: dfurman +ms.reviewer: mathoma +ms.date: 04/16/2021 --- # Resource limits for single databases using the vCore purchasing model [!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] @@ -473,6 +473,7 @@ The [serverless compute tier](serverless-tier-overview.md) is currently availabl |Max data size (GB)|1024|1024|1024|1024|1024|1024| |Max log size (GB)|307|307|307|307|307|307| |TempDB max data size (GB)|32|64|96|128|160|192| +|[Max local storage size](resource-limits-logical-server.md#storage-space-governance) (GB)|1356|1356|1356|1356|1356|1356| |IO latency (approximate)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)| |Max data IOPS *|4,000|8,000|12,000|16,000|20,000|24,000| |Max log rate (MBps)|8|16|24|32|40|48| @@ -499,6 +500,7 @@ The [serverless compute tier](serverless-tier-overview.md) is currently availabl |Max data size (GB)|1024|1024|1024|1024|1024|1024| |Max log size (GB)|307|307|307|307|307|307| |TempDB max data size (GB)|224|256|288|320|512|768| +|[Max local storage size](resource-limits-logical-server.md#storage-space-governance) (GB)|1356|1356|1356|1356|1356|1356| |IO latency (approximate)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)| |Max data IOPS |28,000|32,000|36,000|40,000|64,000|76,800| |Max log rate (MBps)|56|64|64|64|64|64| @@ -526,6 +528,7 @@ The [serverless compute tier](serverless-tier-overview.md) is currently availabl |Max data size (GB)|1024|1024|1536|1536|1536|3072|3072| |Max log size (GB)|307|307|461|461|461|922|922| |TempDB max data size (GB)|64|128|192|256|320|384|448| +|[Max local storage size](resource-limits-logical-server.md#storage-space-governance) (GB)|4829|4829|4829|4829|4829|4829|4829| |Storage type|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD| |IO latency (approximate)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)| |Max data IOPS *|8000|16,000|24,000|32,000|40,000|48,000|56,000| @@ -552,6 +555,7 @@ The [serverless compute tier](serverless-tier-overview.md) is currently availabl |Max data size (GB)|3072|3072|3072|4096|4096|4096|4096| |Max log size (GB)|922|922|922|1024|1024|1024|1024| |TempDB max data size (GB)|512|576|640|768|1024|1280|2560| +|[Max local storage size](resource-limits-logical-server.md#storage-space-governance) (GB)|4829|4829|4829|4829|4829|4829|4829| |Storage type|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD| |IO latency (approximate)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)| |Max data IOPS *|64,000|72,000|80,000|96,000|128,000|160,000|204,800| @@ -580,6 +584,7 @@ The [serverless compute tier](serverless-tier-overview.md) is currently availabl |Max data size (GB)|512|640|768|896|1024|1152| |Max log size (GB)|171|213|256|299|341|384| |TempDB max data size (GB)|256|320|384|448|512|576| +|[Max local storage size](resource-limits-logical-server.md#storage-space-governance) (GB)|13836|13836|13836|13836|13836|13836| |Storage type|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD| |IO latency (approximate)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)| |Max data IOPS *|12,499|15,624|18,748|21,873|24,998|28,123| @@ -609,6 +614,7 @@ The [serverless compute tier](serverless-tier-overview.md) is currently availabl |Max data size (GB)|1280|1536|2048|4096|4096| |Max log size (GB)|427|512|683|1024|1024| |TempDB max data size (GB)|4096|2048|1024|768|640| +|[Max local storage size](resource-limits-logical-server.md#storage-space-governance) (GB)|13836|13836|13836|13836|13836| |Storage type|Local SSD|Local SSD|Local SSD|Local SSD|Local SSD| |IO latency (approximate)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)| |Max data IOPS *|31,248|37,497|49,996|99,993|160,000| @@ -638,6 +644,7 @@ The [serverless compute tier](serverless-tier-overview.md) is currently availabl |Max data size (GB)|768|768|768|768| |Max log size (GB)|230|230|230|230| |TempDB max data size (GB)|64|128|192|256| +|[Max local storage size](resource-limits-logical-server.md#storage-space-governance) (GB)|1406|1406|1406|1406| |Storage type|Local SSD|Local SSD|Local SSD|Local SSD| |IO latency (approximate)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)|1-2 ms (write)
1-2 ms (read)| |Max data IOPS *|14000|28000|42000|44800| diff --git a/azure-sql/database/saas-dbpertenant-dr-geo-replication.md b/azure-sql/database/saas-dbpertenant-dr-geo-replication.md index 3da3f9afb1c..750d3e0a09c 100644 --- a/azure-sql/database/saas-dbpertenant-dr-geo-replication.md +++ b/azure-sql/database/saas-dbpertenant-dr-geo-replication.md @@ -7,9 +7,8 @@ ms.subservice: scenario ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein -ms.reviewer: +author: MashaMSFT +ms.author: mathoma ms.date: 01/25/2019 --- # Disaster recovery for a multi-tenant SaaS application using database geo-replication diff --git a/azure-sql/database/saas-dbpertenant-dr-geo-restore.md b/azure-sql/database/saas-dbpertenant-dr-geo-restore.md index ee4597a0160..11b8d031875 100644 --- a/azure-sql/database/saas-dbpertenant-dr-geo-restore.md +++ b/azure-sql/database/saas-dbpertenant-dr-geo-restore.md @@ -7,9 +7,9 @@ ms.subservice: scenario ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein -ms.reviewer: +author: MashaMSFT +ms.author: mathoma + ms.date: 01/14/2019 --- # Use geo-restore to recover a multitenant SaaS application from database backups diff --git a/azure-sql/database/saas-dbpertenant-get-started-deploy.md b/azure-sql/database/saas-dbpertenant-get-started-deploy.md index e24425c54a8..0f4adc17a4c 100644 --- a/azure-sql/database/saas-dbpertenant-get-started-deploy.md +++ b/azure-sql/database/saas-dbpertenant-get-started-deploy.md @@ -7,8 +7,8 @@ ms.subservice: scenario ms.custom: sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 01/25/2019 --- diff --git a/azure-sql/database/saas-dbpertenant-log-analytics.md b/azure-sql/database/saas-dbpertenant-log-analytics.md index 1ff1139f1d5..a9e143702c3 100644 --- a/azure-sql/database/saas-dbpertenant-log-analytics.md +++ b/azure-sql/database/saas-dbpertenant-log-analytics.md @@ -7,8 +7,8 @@ ms.subservice: scenario ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 01/25/2019 --- diff --git a/azure-sql/database/saas-dbpertenant-performance-monitoring.md b/azure-sql/database/saas-dbpertenant-performance-monitoring.md index 855b12f4296..17c6e80b325 100644 --- a/azure-sql/database/saas-dbpertenant-performance-monitoring.md +++ b/azure-sql/database/saas-dbpertenant-performance-monitoring.md @@ -7,8 +7,9 @@ ms.subservice: scenario ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma + ms.reviewer: ms.date: 01/25/2019 --- diff --git a/azure-sql/database/saas-dbpertenant-provision-and-catalog.md b/azure-sql/database/saas-dbpertenant-provision-and-catalog.md index 6201f791e77..8651a675abd 100644 --- a/azure-sql/database/saas-dbpertenant-provision-and-catalog.md +++ b/azure-sql/database/saas-dbpertenant-provision-and-catalog.md @@ -7,8 +7,8 @@ ms.subservice: scenario ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 09/24/2018 --- diff --git a/azure-sql/database/saas-dbpertenant-restore-single-tenant.md b/azure-sql/database/saas-dbpertenant-restore-single-tenant.md index 9605d560bae..156d7a9b92d 100644 --- a/azure-sql/database/saas-dbpertenant-restore-single-tenant.md +++ b/azure-sql/database/saas-dbpertenant-restore-single-tenant.md @@ -7,8 +7,8 @@ ms.subservice: scenario ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 12/04/2018 --- diff --git a/azure-sql/database/saas-dbpertenant-wingtip-app-overview.md b/azure-sql/database/saas-dbpertenant-wingtip-app-overview.md index cbe3fef5602..9d7a5951d0b 100644 --- a/azure-sql/database/saas-dbpertenant-wingtip-app-overview.md +++ b/azure-sql/database/saas-dbpertenant-wingtip-app-overview.md @@ -7,8 +7,8 @@ ms.subservice: scenario ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 09/24/2018 --- diff --git a/azure-sql/database/saas-multitenantdb-adhoc-reporting.md b/azure-sql/database/saas-multitenantdb-adhoc-reporting.md index f468ccad1c0..8f9c4fd29c3 100644 --- a/azure-sql/database/saas-multitenantdb-adhoc-reporting.md +++ b/azure-sql/database/saas-multitenantdb-adhoc-reporting.md @@ -7,8 +7,8 @@ ms.subservice: scenario ms.custom: sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 10/30/2018 --- diff --git a/azure-sql/database/saas-multitenantdb-get-started-deploy.md b/azure-sql/database/saas-multitenantdb-get-started-deploy.md index c954aefce0f..be8241e4f4a 100644 --- a/azure-sql/database/saas-multitenantdb-get-started-deploy.md +++ b/azure-sql/database/saas-multitenantdb-get-started-deploy.md @@ -7,8 +7,9 @@ ms.subservice: scenario ms.custom: sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma + ms.reviewer: ms.date: 10/16/2018 --- diff --git a/azure-sql/database/saas-multitenantdb-performance-monitoring.md b/azure-sql/database/saas-multitenantdb-performance-monitoring.md index 4a986a668c5..8225939f479 100644 --- a/azure-sql/database/saas-multitenantdb-performance-monitoring.md +++ b/azure-sql/database/saas-multitenantdb-performance-monitoring.md @@ -7,8 +7,8 @@ ms.subservice: scenario ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 01/25/2019 --- diff --git a/azure-sql/database/saas-multitenantdb-provision-and-catalog.md b/azure-sql/database/saas-multitenantdb-provision-and-catalog.md index 012646e0c0c..4bc8c50737a 100644 --- a/azure-sql/database/saas-multitenantdb-provision-and-catalog.md +++ b/azure-sql/database/saas-multitenantdb-provision-and-catalog.md @@ -7,8 +7,9 @@ ms.subservice: scenario ms.custom: sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma + ms.reviewer: ms.date: 09/24/2018 --- diff --git a/azure-sql/database/saas-multitenantdb-schema-management.md b/azure-sql/database/saas-multitenantdb-schema-management.md index 9551eb020ce..d361722c23e 100644 --- a/azure-sql/database/saas-multitenantdb-schema-management.md +++ b/azure-sql/database/saas-multitenantdb-schema-management.md @@ -7,8 +7,8 @@ ms.subservice: scenario ms.custom: sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 12/18/2018 --- diff --git a/azure-sql/database/saas-multitenantdb-tenant-analytics.md b/azure-sql/database/saas-multitenantdb-tenant-analytics.md index eadb967ab24..83739a09176 100644 --- a/azure-sql/database/saas-multitenantdb-tenant-analytics.md +++ b/azure-sql/database/saas-multitenantdb-tenant-analytics.md @@ -7,8 +7,8 @@ ms.subservice: scenario ms.custom: sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 09/19/2018 --- diff --git a/azure-sql/database/saas-standaloneapp-get-started-deploy.md b/azure-sql/database/saas-standaloneapp-get-started-deploy.md index 465031527e3..82ced18ecb2 100644 --- a/azure-sql/database/saas-standaloneapp-get-started-deploy.md +++ b/azure-sql/database/saas-standaloneapp-get-started-deploy.md @@ -7,8 +7,8 @@ ms.subservice: scenario ms.custom: sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 11/07/2018 --- diff --git a/azure-sql/database/saas-standaloneapp-provision-and-catalog.md b/azure-sql/database/saas-standaloneapp-provision-and-catalog.md index 8d044df4274..5133799909b 100644 --- a/azure-sql/database/saas-standaloneapp-provision-and-catalog.md +++ b/azure-sql/database/saas-standaloneapp-provision-and-catalog.md @@ -7,8 +7,8 @@ ms.subservice: scenario ms.custom: sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 09/24/2018 --- diff --git a/azure-sql/database/saas-tenancy-app-design-patterns.md b/azure-sql/database/saas-tenancy-app-design-patterns.md index 16099e58b99..84e95315fa2 100644 --- a/azure-sql/database/saas-tenancy-app-design-patterns.md +++ b/azure-sql/database/saas-tenancy-app-design-patterns.md @@ -5,9 +5,9 @@ services: sql-database ms.service: sql-database ms.subservice: scenario ms.topic: conceptual -author: stevestein -ms.author: sstein -ms.reviewer: +author: scoriani +ms.author: scoriani +ms.reviewer: mathoma ms.date: 01/25/2019 ms.custom: seoapril2019, sqldbrb=1 --- diff --git a/azure-sql/database/saas-tenancy-cross-tenant-reporting.md b/azure-sql/database/saas-tenancy-cross-tenant-reporting.md index 32cef412197..96822ddab5a 100644 --- a/azure-sql/database/saas-tenancy-cross-tenant-reporting.md +++ b/azure-sql/database/saas-tenancy-cross-tenant-reporting.md @@ -7,8 +7,9 @@ ms.subservice: scenario ms.custom: sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma + ms.reviewers: ms.date: 01/25/2019 --- diff --git a/azure-sql/database/saas-tenancy-schema-management.md b/azure-sql/database/saas-tenancy-schema-management.md index 6b7d91a1aad..42c58ef0791 100644 --- a/azure-sql/database/saas-tenancy-schema-management.md +++ b/azure-sql/database/saas-tenancy-schema-management.md @@ -7,8 +7,8 @@ ms.subservice: scenario ms.custom: sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 09/19/2018 --- diff --git a/azure-sql/database/saas-tenancy-tenant-analytics-adf.md b/azure-sql/database/saas-tenancy-tenant-analytics-adf.md index 55e650a03b3..a0a9e765541 100644 --- a/azure-sql/database/saas-tenancy-tenant-analytics-adf.md +++ b/azure-sql/database/saas-tenancy-tenant-analytics-adf.md @@ -7,8 +7,8 @@ ms.subservice: scenario ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 12/18/2018 --- diff --git a/azure-sql/database/saas-tenancy-tenant-analytics.md b/azure-sql/database/saas-tenancy-tenant-analytics.md index 7e65d10a35e..5bded8293df 100644 --- a/azure-sql/database/saas-tenancy-tenant-analytics.md +++ b/azure-sql/database/saas-tenancy-tenant-analytics.md @@ -7,8 +7,8 @@ ms.subservice: scenario ms.custom: sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 12/18/2018 --- diff --git a/azure-sql/database/saas-tenancy-video-index-wingtip-brk3120-20171011.md b/azure-sql/database/saas-tenancy-video-index-wingtip-brk3120-20171011.md index a87e6103d64..1a6f98f7408 100644 --- a/azure-sql/database/saas-tenancy-video-index-wingtip-brk3120-20171011.md +++ b/azure-sql/database/saas-tenancy-video-index-wingtip-brk3120-20171011.md @@ -4,8 +4,9 @@ description: "This article indexes various time points in our 81 minutes video a services: sql-database ms.service: sql-database ms.subservice: scenario -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma + ms.reviewer: ms.custom: sqldbrb=1 ms.date: 12/18/2018 diff --git a/azure-sql/database/saas-tenancy-welcome-wingtip-tickets-app.md b/azure-sql/database/saas-tenancy-welcome-wingtip-tickets-app.md index 55a301df2f5..802aea02fb8 100644 --- a/azure-sql/database/saas-tenancy-welcome-wingtip-tickets-app.md +++ b/azure-sql/database/saas-tenancy-welcome-wingtip-tickets-app.md @@ -8,8 +8,8 @@ ms.subservice: scenario ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 01/25/2019 --- diff --git a/azure-sql/database/saas-tenancy-wingtip-app-guidance-tips.md b/azure-sql/database/saas-tenancy-wingtip-app-guidance-tips.md index b47b413c529..84881b1e8c0 100644 --- a/azure-sql/database/saas-tenancy-wingtip-app-guidance-tips.md +++ b/azure-sql/database/saas-tenancy-wingtip-app-guidance-tips.md @@ -7,8 +7,8 @@ ms.subservice: scenario ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 12/18/2018 --- diff --git a/azure-sql/database/scripts/add-database-to-failover-group-cli.md b/azure-sql/database/scripts/add-database-to-failover-group-cli.md index d687be8e550..290c4adf0d6 100644 --- a/azure-sql/database/scripts/add-database-to-failover-group-cli.md +++ b/azure-sql/database/scripts/add-database-to-failover-group-cli.md @@ -7,9 +7,9 @@ ms.subservice: high-availability ms.custom: sqldbrb=1, devx-track-azurecli ms.devlang: azurecli ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 07/16/2019 --- # Use the Azure CLI to add a database to a failover group diff --git a/azure-sql/database/scripts/add-database-to-failover-group-powershell.md b/azure-sql/database/scripts/add-database-to-failover-group-powershell.md index 56517d58f6b..ef7f46fc672 100644 --- a/azure-sql/database/scripts/add-database-to-failover-group-powershell.md +++ b/azure-sql/database/scripts/add-database-to-failover-group-powershell.md @@ -4,12 +4,12 @@ description: Use an Azure PowerShell example script to create a database in Azur services: sql-database ms.service: sql-database ms.subservice: high-availability -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 07/16/2019 --- diff --git a/azure-sql/database/scripts/add-elastic-pool-to-failover-group-powershell.md b/azure-sql/database/scripts/add-elastic-pool-to-failover-group-powershell.md index e61735b7a67..db7bb51663d 100644 --- a/azure-sql/database/scripts/add-elastic-pool-to-failover-group-powershell.md +++ b/azure-sql/database/scripts/add-elastic-pool-to-failover-group-powershell.md @@ -4,12 +4,12 @@ description: Azure PowerShell example script to create an Azure SQL Database ela services: sql-database ms.service: sql-database ms.subservice: high-availability -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 07/16/2019 --- # Use PowerShell to add an elastic pool to a failover group diff --git a/azure-sql/database/scripts/auditing-threat-detection-powershell-configure.md b/azure-sql/database/scripts/auditing-threat-detection-powershell-configure.md index a349486a50a..f9886fd12dc 100644 --- a/azure-sql/database/scripts/auditing-threat-detection-powershell-configure.md +++ b/azure-sql/database/scripts/auditing-threat-detection-powershell-configure.md @@ -4,7 +4,7 @@ description: Azure PowerShell example script to configure auditing and Advanced services: sql-database ms.service: sql-database ms.subservice: security -ms.custom: security, sqldbrb=1 +ms.custom: security, sqldbrb=1, devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample author: DavidTrigano diff --git a/azure-sql/database/scripts/copy-database-to-new-server-powershell.md b/azure-sql/database/scripts/copy-database-to-new-server-powershell.md index 3d47c4b3f6e..592f5cb961d 100644 --- a/azure-sql/database/scripts/copy-database-to-new-server-powershell.md +++ b/azure-sql/database/scripts/copy-database-to-new-server-powershell.md @@ -4,12 +4,12 @@ description: Azure PowerShell example script to copy a database to a new server services: sql-database ms.service: sql-database ms.subservice: data-movement -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: shkale-msft +ms.author: shkale +ms.reviewer: mathoma ms.date: 03/12/2019 --- # Use PowerShell to copy a database to a new server diff --git a/azure-sql/database/scripts/create-and-configure-database-cli.md b/azure-sql/database/scripts/create-and-configure-database-cli.md index 1bf0166d6a1..f15ac7cc92b 100644 --- a/azure-sql/database/scripts/create-and-configure-database-cli.md +++ b/azure-sql/database/scripts/create-and-configure-database-cli.md @@ -3,12 +3,12 @@ title: "The Azure CLI: Create a single database" description: Use this Azure CLI example script to create a single database. services: sql-database ms.service: sql-database -ms.subservice: single-database +ms.subservice: deployment-configuration ms.custom: sqldbrb=1, devx-track-azurecli ms.devlang: azurecli ms.topic: sample -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 06/25/2019 --- diff --git a/azure-sql/database/scripts/create-and-configure-database-powershell.md b/azure-sql/database/scripts/create-and-configure-database-powershell.md index ccc2a0b9860..62ead1288ef 100644 --- a/azure-sql/database/scripts/create-and-configure-database-powershell.md +++ b/azure-sql/database/scripts/create-and-configure-database-powershell.md @@ -3,12 +3,12 @@ title: "PowerShell: Create a single database" description: Use an Azure PowerShell example script to create a single database in Azure SQL Database. services: sql-database ms.service: sql-database -ms.subservice: single-database -ms.custom: sqldbrb=1 +ms.subservice: deployment-configuration +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 03/12/2019 --- diff --git a/azure-sql/database/scripts/import-from-bacpac-powershell.md b/azure-sql/database/scripts/import-from-bacpac-powershell.md index 38d5c1425f4..cdb97379943 100644 --- a/azure-sql/database/scripts/import-from-bacpac-powershell.md +++ b/azure-sql/database/scripts/import-from-bacpac-powershell.md @@ -3,13 +3,13 @@ title: "PowerShell: Import a BACPAC file to a new database in Azure SQL Database description: Azure PowerShell example script to import a BACPAC file into a database in SQL Database services: sql-database ms.service: sql-database -ms.subservice: data-movement -ms.custom: load & move data, sqldbrb=1 +ms.subservice: backup-restore +ms.custom: load & move data, sqldbrb=1, devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: shkale-msft +ms.author: shkale +ms.reviewer: mathoma ms.date: 05/24/2019 --- # Use PowerShell to import a BACPAC file into a database in SQL Database diff --git a/azure-sql/database/scripts/monitor-and-scale-database-powershell.md b/azure-sql/database/scripts/monitor-and-scale-database-powershell.md index 1ebe6d358a6..f6a57060acb 100644 --- a/azure-sql/database/scripts/monitor-and-scale-database-powershell.md +++ b/azure-sql/database/scripts/monitor-and-scale-database-powershell.md @@ -4,7 +4,7 @@ description: Use an Azure PowerShell example script to monitor and scale a singl services: sql-database ms.service: sql-database ms.subservice: performance -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample author: WilliamDAssafMSFT diff --git a/azure-sql/database/scripts/monitor-and-scale-pool-powershell.md b/azure-sql/database/scripts/monitor-and-scale-pool-powershell.md index 3dcaa3adc1d..2197ea4ab99 100644 --- a/azure-sql/database/scripts/monitor-and-scale-pool-powershell.md +++ b/azure-sql/database/scripts/monitor-and-scale-pool-powershell.md @@ -4,7 +4,7 @@ description: Azure PowerShell example script to monitor and scale an elastic poo services: sql-database ms.service: sql-database ms.subservice: performance -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample author: WilliamDAssafMSFT diff --git a/azure-sql/database/scripts/move-database-between-elastic-pools-cli.md b/azure-sql/database/scripts/move-database-between-elastic-pools-cli.md index 741e42cd329..22614af2c3f 100644 --- a/azure-sql/database/scripts/move-database-between-elastic-pools-cli.md +++ b/azure-sql/database/scripts/move-database-between-elastic-pools-cli.md @@ -7,9 +7,9 @@ ms.subservice: elastic-pools ms.custom: sqldbrb=1, devx-track-azurecli ms.devlang: azurecli ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: arvindshmicrosoft +ms.author: arvindsh +ms.reviewer: mathoma ms.date: 06/25/2019 --- # Use the Azure CLI to move a database in SQL Database in a SQL elastic pool diff --git a/azure-sql/database/scripts/move-database-between-elastic-pools-powershell.md b/azure-sql/database/scripts/move-database-between-elastic-pools-powershell.md index d87fa1e8b7d..3c6cef82977 100644 --- a/azure-sql/database/scripts/move-database-between-elastic-pools-powershell.md +++ b/azure-sql/database/scripts/move-database-between-elastic-pools-powershell.md @@ -4,12 +4,12 @@ description: Use an Azure PowerShell example script to move a database in SQL Da services: sql-database ms.service: sql-database ms.subservice: elastic-pools -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample -author: stevestein -ms.reviewer: -ms.author: sstein +author: arvindshmicrosoft +ms.author: arvindsh +ms.reviewer: mathoma ms.date: 03/12/2019 --- diff --git a/azure-sql/database/scripts/restore-database-powershell.md b/azure-sql/database/scripts/restore-database-powershell.md index 96a8910c053..a45ddd291a9 100644 --- a/azure-sql/database/scripts/restore-database-powershell.md +++ b/azure-sql/database/scripts/restore-database-powershell.md @@ -3,13 +3,13 @@ title: "PowerShell: Restore an automatic backup of a database in SQL Database" description: Use an Azure PowerShell example script to restore a database in SQL Database to an earlier point in time from automatic backups. services: sql-database ms.service: sql-database -ms.subservice: operations -ms.custom: +ms.subservice: backup-restore +ms.custom: devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: shkale-msft +ms.author: shkale +ms.reviewer: mathoma ms.date: 03/27/2019 --- @@ -56,4 +56,4 @@ This script uses the following commands. Each command in the table links to comm For more information on Azure PowerShell, see [Azure PowerShell documentation](/powershell/azure/). -Additional SQL Database PowerShell script samples can be found in the [Azure SQL Database PowerShell scripts](../powershell-script-content-guide.md). \ No newline at end of file +Additional SQL Database PowerShell script samples can be found in the [Azure SQL Database PowerShell scripts](../powershell-script-content-guide.md). diff --git a/azure-sql/database/scripts/scale-pool-cli.md b/azure-sql/database/scripts/scale-pool-cli.md index 1457e2fc578..542428e2c28 100644 --- a/azure-sql/database/scripts/scale-pool-cli.md +++ b/azure-sql/database/scripts/scale-pool-cli.md @@ -7,9 +7,9 @@ ms.subservice: elastic-pools ms.custom: sqldbrb=1, devx-track-azurecli ms.devlang: azurecli ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: arvindshmicrosoft +ms.author: arvindsh +ms.reviewer: mathoma ms.date: 06/25/2019 --- diff --git a/azure-sql/database/scripts/setup-geodr-and-failover-database-powershell.md b/azure-sql/database/scripts/setup-geodr-and-failover-database-powershell.md index c6fc1884bcb..bbd1df2ed6d 100644 --- a/azure-sql/database/scripts/setup-geodr-and-failover-database-powershell.md +++ b/azure-sql/database/scripts/setup-geodr-and-failover-database-powershell.md @@ -4,12 +4,12 @@ description: Use an Azure PowerShell example script to set up active geo-replica services: sql-database ms.service: sql-database ms.subservice: high-availability -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 03/12/2019 --- diff --git a/azure-sql/database/scripts/setup-geodr-and-failover-elastic-pool-powershell.md b/azure-sql/database/scripts/setup-geodr-and-failover-elastic-pool-powershell.md index 0119158d883..9b98360c020 100644 --- a/azure-sql/database/scripts/setup-geodr-and-failover-elastic-pool-powershell.md +++ b/azure-sql/database/scripts/setup-geodr-and-failover-elastic-pool-powershell.md @@ -4,12 +4,12 @@ description: Azure PowerShell example script to set up active geo-replication fo services: sql-database ms.service: sql-database ms.subservice: high-availability -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 03/12/2019 --- # Use PowerShell to configure active geo-replication for a pooled database in Azure SQL Database diff --git a/azure-sql/database/scripts/sql-data-sync-sync-data-between-azure-onprem.md b/azure-sql/database/scripts/sql-data-sync-sync-data-between-azure-onprem.md index 01265daeb99..257838ee408 100644 --- a/azure-sql/database/scripts/sql-data-sync-sync-data-between-azure-onprem.md +++ b/azure-sql/database/scripts/sql-data-sync-sync-data-between-azure-onprem.md @@ -3,13 +3,13 @@ title: "PowerShell: Sync data between SQL Database and SQL Server" description: Use an Azure PowerShell example script to sync data between Azure SQL Database and SQL Server. services: sql-database ms.service: sql-database -ms.subservice: data-movement -ms.custom: sqldbrb=1 +ms.subservice: sql-data-sync +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: MaraSteiu +ms.author: masteiu +ms.reviewer: mathoma ms.date: 03/12/2019 --- @@ -323,4 +323,4 @@ For more information about SQL Data Sync, see: For more information about Azure SQL Database, see: - [SQL Database overview](../sql-database-paas-overview.md) -- [Database Lifecycle Management](/previous-versions/sql/sql-server-guides/jj907294(v=sql.110)) \ No newline at end of file +- [Database Lifecycle Management](/previous-versions/sql/sql-server-guides/jj907294(v=sql.110)) diff --git a/azure-sql/database/scripts/sql-data-sync-sync-data-between-sql-databases-rest-api.md b/azure-sql/database/scripts/sql-data-sync-sync-data-between-sql-databases-rest-api.md index 57b5c0df545..f1d4bcce24c 100644 --- a/azure-sql/database/scripts/sql-data-sync-sync-data-between-sql-databases-rest-api.md +++ b/azure-sql/database/scripts/sql-data-sync-sync-data-between-sql-databases-rest-api.md @@ -3,13 +3,13 @@ title: "REST API: Sync between multiple databases" description: Use a REST API example script to sync between multiple databases. services: sql-database ms.service: sql-database -ms.subservice: data-movement +ms.subservice: sql-data-sync ms.custom: sqldbrb=1 ms.devlang: REST API ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: MaraSteiu +ms.author: masteiu +ms.reviewer: mathoma ms.date: 03/12/2019 --- diff --git a/azure-sql/database/scripts/sql-data-sync-sync-data-between-sql-databases.md b/azure-sql/database/scripts/sql-data-sync-sync-data-between-sql-databases.md index ab55f890803..cc83d168297 100644 --- a/azure-sql/database/scripts/sql-data-sync-sync-data-between-sql-databases.md +++ b/azure-sql/database/scripts/sql-data-sync-sync-data-between-sql-databases.md @@ -3,13 +3,13 @@ title: "PowerShell: Sync between multiple databases in Azure SQL Database" description: Use an Azure PowerShell example script to sync between multiple databases in Azure SQL Database. services: sql-database ms.service: sql-database -ms.subservice: data-movement -ms.custom: sqldbrb=1 +ms.subservice: sql-data-sync +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: MaraSteiu +ms.author: masteiu +ms.reviewer: mathoma ms.date: 03/12/2019 --- diff --git a/azure-sql/database/scripts/update-sync-schema-in-sync-group.md b/azure-sql/database/scripts/update-sync-schema-in-sync-group.md index 7fc4e5c8d5e..0d8be2919f3 100644 --- a/azure-sql/database/scripts/update-sync-schema-in-sync-group.md +++ b/azure-sql/database/scripts/update-sync-schema-in-sync-group.md @@ -3,13 +3,13 @@ title: "PowerShell: Update SQL Data Sync sync schema" description: Azure PowerShell example script to update the sync schema for SQL Data Sync services: sql-database ms.service: sql-database -ms.subservice: data-movement +ms.subservice: sql-data-sync ms.custom: sqldbrb=1 ms.devlang: PowerShell ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: MaraSteiu +ms.author: masteiu +ms.reviewer: mathoma ms.date: 03/12/2019 --- # Use PowerShell to update the sync schema in an existing sync group diff --git a/azure-sql/database/scripts/vnet-service-endpoint-rule-powershell-create.md b/azure-sql/database/scripts/vnet-service-endpoint-rule-powershell-create.md index bcd299a51a6..b428c39cb0b 100644 --- a/azure-sql/database/scripts/vnet-service-endpoint-rule-powershell-create.md +++ b/azure-sql/database/scripts/vnet-service-endpoint-rule-powershell-create.md @@ -3,14 +3,14 @@ title: PowerShell for VNet endpoints and rules for single and pooled databases description: "Provides PowerShell scripts to create and manage Virtual Service endpoints for your Azure SQL Database and Azure Synapse." services: sql-database ms.service: sql-database -ms.subservice: development +ms.subservice: deployment-configuration ms.devlang: PowerShell ms.topic: conceptual author: rohitnayakmsft ms.author: rohitna -ms.reviewer: vanto +ms.reviewer: vanto, mathoma ms.date: 04/17/2019 -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell tags: azure-synapse --- # PowerShell: Create a Virtual Service endpoint and VNet rule for Azure SQL Database diff --git a/azure-sql/database/security-controls-policy.md b/azure-sql/database/security-controls-policy.md index 5bc129eb3d0..c1468d4c4e7 100644 --- a/azure-sql/database/security-controls-policy.md +++ b/azure-sql/database/security-controls-policy.md @@ -3,9 +3,10 @@ title: Azure Policy Regulatory Compliance controls for Azure SQL Database description: Lists Azure Policy Regulatory Compliance controls available for Azure SQL Database and SQL Managed Instance. These built-in policy definitions provide common approaches to managing the compliance of your Azure resources. ms.date: 05/14/2021 ms.topic: sample -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.service: sql-database +ms.subservice: security ms.custom: subject-policy-compliancecontrols --- # Azure Policy Regulatory Compliance controls for Azure SQL Database & SQL Managed Instance diff --git a/azure-sql/database/serverless-tier-overview.md b/azure-sql/database/serverless-tier-overview.md index 41a16f6e970..6b5ce6d9d92 100644 --- a/azure-sql/database/serverless-tier-overview.md +++ b/azure-sql/database/serverless-tier-overview.md @@ -4,7 +4,7 @@ description: This article describes the new serverless compute tier and compares services: sql-database ms.service: sql-database ms.subservice: service -ms.custom: test sqldbrb=1, devx-track-azurecli +ms.custom: test sqldbrb=1, devx-track-azurecli, devx-track-azurepowershell ms.devlang: ms.topic: conceptual author: oslake diff --git a/azure-sql/database/service-tier-business-critical.md b/azure-sql/database/service-tier-business-critical.md index 9f23ac39970..18bb682a89f 100644 --- a/azure-sql/database/service-tier-business-critical.md +++ b/azure-sql/database/service-tier-business-critical.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Database & Azure SQL Managed Instance description: Learn about the business critical service tier for Azure SQL Database and Azure SQL Managed Instance. services: sql-database ms.service: sql-db-mi -ms.subservice: features +ms.subservice: service-overview ms.custom: sqldbrb=2 ms.devlang: ms.topic: conceptual author: jovanpop-msft ms.author: jovanpop -ms.reviewer: sstein +ms.reviewer: mathoma ms.date: 12/04/2018 --- # Business Critical tier - Azure SQL Database and Azure SQL Managed Instance diff --git a/azure-sql/database/service-tier-general-purpose.md b/azure-sql/database/service-tier-general-purpose.md index 58587733ffa..73d4e56ac47 100644 --- a/azure-sql/database/service-tier-general-purpose.md +++ b/azure-sql/database/service-tier-general-purpose.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Database & Azure SQL Managed Instance description: Learn about the General Purpose service tier for Azure SQL Database and Azure SQL Managed Instance. services: sql-database ms.service: sql-db-mi -ms.subservice: features +ms.subservice: service-overview ms.custom: sqldbrb=2 ms.devlang: ms.topic: conceptual author: jovanpop-msft ms.author: jovanpop -ms.reviewer: sstein +ms.reviewer: mathoma ms.date: 02/07/2019 --- # General Purpose service tier - Azure SQL Database and Azure SQL Managed Instance diff --git a/azure-sql/database/service-tier-hyperscale-frequently-asked-questions-faq.yml b/azure-sql/database/service-tier-hyperscale-frequently-asked-questions-faq.yml index b8d763a025a..0757ce9d7e8 100644 --- a/azure-sql/database/service-tier-hyperscale-frequently-asked-questions-faq.yml +++ b/azure-sql/database/service-tier-hyperscale-frequently-asked-questions-faq.yml @@ -4,13 +4,13 @@ metadata: description: Answers to common questions customers ask about a database in SQL Database in the Hyperscale service tier - commonly called a Hyperscale database. services: sql-database ms.service: sql-database - ms.subservice: + ms.subservice: service-overview ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual author: dimitri-furman ms.author: dfurman - ms.reviewer: + ms.reviewer: mathoma ms.date: 03/31/2021 title: Azure SQL Database Hyperscale FAQ diff --git a/azure-sql/database/service-tier-hyperscale.md b/azure-sql/database/service-tier-hyperscale.md index a4af432669b..4896892a11e 100644 --- a/azure-sql/database/service-tier-hyperscale.md +++ b/azure-sql/database/service-tier-hyperscale.md @@ -3,13 +3,13 @@ title: What is the Hyperscale service tier? description: This article describes the Hyperscale service tier in the vCore-based purchasing model in Azure SQL Database and explains how it's different from the General Purpose and Business Critical service tiers. services: sql-database ms.service: sql-database -ms.subservice: service +ms.subservice: service-overview ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein -ms.reviewer: +author: dimitri-furman +ms.author: dfurman +ms.reviewer: mathoma ms.date: 3/31/2021 --- diff --git a/azure-sql/database/service-tiers-dtu.md b/azure-sql/database/service-tiers-dtu.md index ef07f3dbc66..485f00b7f1a 100644 --- a/azure-sql/database/service-tiers-dtu.md +++ b/azure-sql/database/service-tiers-dtu.md @@ -3,14 +3,14 @@ title: Service tiers - DTU-based purchase model description: Learn about service tiers in the DTU-based purchase model for Azure SQL Database to provide compute and storage sizes. services: sql-database ms.service: sql-database -ms.subservice: service +ms.subservice: service-overview ms.custom: references_regions ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein +author: dimitri-furman +ms.author: dfurman +ms.reviewer: mathoma ms.date: 5/4/2021 -ms.reviewer: --- # Service tiers in the DTU-based purchase model [!INCLUDE[appliesto-sqldb](../includes/appliesto-sqldb.md)] diff --git a/azure-sql/database/service-tiers-general-purpose-business-critical.md b/azure-sql/database/service-tiers-general-purpose-business-critical.md index 304d2e1ef53..f5d197e0023 100644 --- a/azure-sql/database/service-tiers-general-purpose-business-critical.md +++ b/azure-sql/database/service-tiers-general-purpose-business-critical.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Database & SQL Managed Instance description: The article discusses the general purpose and business critical service tiers in the vCore-based purchasing model used by Azure SQL Database and Azure SQL Managed Instance. services: sql-database ms.service: sql-db-mi -ms.subservice: features +ms.subservice: service-overview ms.custom: sqldbrb=2 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein -ms.reviewer: sashan, moslake +author: dimitri-furman +ms.author: dfurman +ms.reviewer: mathoma ms.date: 12/14/2020 --- # Azure SQL Database and Azure SQL Managed Instance service tiers diff --git a/azure-sql/database/service-tiers-vcore.md b/azure-sql/database/service-tiers-vcore.md index 123e9bd919f..03d87cdcb49 100644 --- a/azure-sql/database/service-tiers-vcore.md +++ b/azure-sql/database/service-tiers-vcore.md @@ -4,13 +4,14 @@ titleSuffix: Azure SQL Database & SQL Managed Instance description: The vCore purchasing model lets you independently scale compute and storage resources, match on-premises performance, and optimize price for Azure SQL Database and Azure SQL Managed Instance. services: sql-database ms.service: sql-db-mi -ms.subservice: features +ms.subservice: service-overview ms.topic: conceptual -author: WilliamDAssafMSFT -ms.author: wiassaf -ms.reviewer: sashan, moslake +author: dimitri-furman +ms.author: dfurman +ms.reviewer: mathoma ms.date: 05/18/2021 ROBOTS: NOINDEX +ms.custom: devx-track-azurepowershell --- # vCore model overview - Azure SQL Database and Azure SQL Managed Instance [!INCLUDE[appliesto-sqldb-sqlmi](../includes/appliesto-sqldb-sqlmi.md)] diff --git a/azure-sql/database/single-database-create-arm-template-quickstart.md b/azure-sql/database/single-database-create-arm-template-quickstart.md index b3a0b021d58..132ae751db0 100644 --- a/azure-sql/database/single-database-create-arm-template-quickstart.md +++ b/azure-sql/database/single-database-create-arm-template-quickstart.md @@ -3,13 +3,12 @@ title: "Azure Resource Manager: Create a single database" description: Create a single database in Azure SQL Database using an Azure Resource Manager template. services: sql-database ms.service: sql-database -ms.subservice: single-database -ms.custom: subject-armqs sqldbrb=1 +ms.subservice: deployment-configuration +ms.custom: subject-armqs sqldbrb=1, devx-track-azurepowershell ms.devlang: ms.topic: quickstart -author: mumian -ms.author: jgao -ms.reviewer: sstein +author: MashaMSFT +ms.author: mathoma ms.date: 06/24/2020 --- @@ -83,4 +82,4 @@ Remove-AzResourceGroup -Name $resourceGroupName - [Connect and query using Azure Data Studio](/sql/azure-data-studio/quickstart-sql-database?toc=%2fazure%2fsql-database%2ftoc.json) - To create a single database using the Azure CLI, see [Azure CLI samples](az-cli-script-samples-content-guide.md). - To create a single database using Azure PowerShell, see [Azure PowerShell samples](powershell-script-content-guide.md). -- To learn how to create ARM templates, see [Create your first template](../../azure-resource-manager/templates/template-tutorial-create-first-template.md). \ No newline at end of file +- To learn how to create ARM templates, see [Create your first template](../../azure-resource-manager/templates/template-tutorial-create-first-template.md). diff --git a/azure-sql/database/single-database-create-quickstart.md b/azure-sql/database/single-database-create-quickstart.md index 16102e38d57..c89eb709b81 100644 --- a/azure-sql/database/single-database-create-quickstart.md +++ b/azure-sql/database/single-database-create-quickstart.md @@ -3,12 +3,12 @@ title: Create a single database description: Create a single database in Azure SQL Database using the Azure portal, PowerShell, or the Azure CLI. services: sql-database ms.service: sql-database -ms.subservice: single-database -ms.custom: contperf-fy21q1, devx-track-azurecli +ms.subservice: deployment-configuration +ms.custom: contperf-fy21q1, devx-track-azurecli, devx-track-azurepowershell ms.devlang: ms.topic: quickstart -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 01/27/2021 --- @@ -316,4 +316,4 @@ Remove-AzResourceGroup -Name $resourceGroupName Want to optimize and save on your cloud spending? > [!div class="nextstepaction"] -> [Start analyzing costs with Cost Management](../../cost-management-billing/costs/quick-acm-cost-analysis.md?WT.mc_id=costmanagementcontent_docsacmhorizontal_-inproduct-learn) \ No newline at end of file +> [Start analyzing costs with Cost Management](../../cost-management-billing/costs/quick-acm-cost-analysis.md?WT.mc_id=costmanagementcontent_docsacmhorizontal_-inproduct-learn) diff --git a/azure-sql/database/single-database-manage.md b/azure-sql/database/single-database-manage.md index 060059e8a0b..388a2e68b33 100644 --- a/azure-sql/database/single-database-manage.md +++ b/azure-sql/database/single-database-manage.md @@ -3,12 +3,12 @@ title: Create & manage servers and single databases description: Learn about creating and managing servers and single databases in Azure SQL Database using the Azure portal, PowerShell, the Azure CLI, Transact-SQL (T-SQL), and Rest-API. services: sql-database ms.service: sql-database -ms.subservice: single-database +ms.subservice: deployment-configuration ms.custom: sqldbrb=1, devx-track-azurecli ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 03/12/2019 --- diff --git a/azure-sql/database/single-database-overview.md b/azure-sql/database/single-database-overview.md index 9525125c47b..77abeedfb60 100644 --- a/azure-sql/database/single-database-overview.md +++ b/azure-sql/database/single-database-overview.md @@ -3,12 +3,12 @@ title: What is a single database? description: Learn about the single database resource type in Azure SQL Database. services: sql-database ms.service: sql-database -ms.subservice: single-database +ms.subservice: service-overview ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 04/08/2019 --- diff --git a/azure-sql/database/single-database-scale.md b/azure-sql/database/single-database-scale.md index 74b149e4f56..47c0e7a34e7 100644 --- a/azure-sql/database/single-database-scale.md +++ b/azure-sql/database/single-database-scale.md @@ -4,7 +4,7 @@ description: This article describes how to scale the compute and storage resourc services: sql-database ms.service: sql-database ms.subservice: performance -ms.custom: sqldbrb=1, references_regions +ms.custom: sqldbrb=1, references_regions, devx-track-azurepowershell ms.devlang: ms.topic: conceptual author: WilliamDAssafMSFT diff --git a/azure-sql/database/spark-connector.md b/azure-sql/database/spark-connector.md index 7a0cc6e9ead..89dc7695319 100644 --- a/azure-sql/database/spark-connector.md +++ b/azure-sql/database/spark-connector.md @@ -7,9 +7,8 @@ ms.subservice: development ms.custom: sqldbrb=2 ms.devlang: ms.topic: conceptual -author: denzilribeiro -ms.author: denzilr -ms.reviewer: sstein +author: MashaMSFT +ms.author: mathoma ms.date: 09/02/2020 --- # Accelerate real-time big data analytics using the Spark connector diff --git a/azure-sql/database/sql-data-sync-agent-overview.md b/azure-sql/database/sql-data-sync-agent-overview.md index c4e8854b546..7b1f297537c 100644 --- a/azure-sql/database/sql-data-sync-agent-overview.md +++ b/azure-sql/database/sql-data-sync-agent-overview.md @@ -3,13 +3,13 @@ title: Data Sync Agent for SQL Data Sync description: Learn how to install and run the Data Sync Agent for SQL Data Sync in Azure to sync data with SQL Server databases services: sql-database ms.service: sql-database -ms.subservice: data-movement +ms.subservice: sql-data-sync ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein -ms.reviewer: +author: MaraSteiu +ms.author: masteiu +ms.reviewer: mathoma ms.date: 12/20/2018 --- # Data Sync Agent for SQL Data Sync diff --git a/azure-sql/database/sql-data-sync-best-practices.md b/azure-sql/database/sql-data-sync-best-practices.md index 9971f62b361..09ba9f2138b 100644 --- a/azure-sql/database/sql-data-sync-best-practices.md +++ b/azure-sql/database/sql-data-sync-best-practices.md @@ -3,13 +3,13 @@ title: Best practices for Azure SQL Data Sync description: "Learn about best practices for configuring and running Azure SQL Data Sync." services: sql-database ms.service: sql-database -ms.subservice: data-movement +ms.subservice: sql-data-sync ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein -ms.reviewer: +author: MaraSteiu +ms.author: masteiu +ms.reviewer: mathoma ms.date: 12/20/2018 --- # Best practices for Azure SQL Data Sync diff --git a/azure-sql/database/sql-data-sync-data-sql-server-sql-database.md b/azure-sql/database/sql-data-sync-data-sql-server-sql-database.md index 2de09735f0a..83ef97af3c6 100644 --- a/azure-sql/database/sql-data-sync-data-sql-server-sql-database.md +++ b/azure-sql/database/sql-data-sync-data-sql-server-sql-database.md @@ -3,13 +3,13 @@ title: What is SQL Data Sync for Azure? description: This overview introduces SQL Data Sync for Azure, which allows you to sync data across multiple cloud and on-premises databases. services: sql-database ms.service: sql-database -ms.subservice: data-movement +ms.subservice: sql-data-sync ms.custom: data sync, sqldbrb=1, fasttrack-edit ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein -ms.reviewer: +author: MaraSteiu +ms.author: masteiu +ms.reviewer: mathoma ms.date: 08/20/2019 --- # What is SQL Data Sync for Azure? diff --git a/azure-sql/database/sql-data-sync-sql-server-configure.md b/azure-sql/database/sql-data-sync-sql-server-configure.md index 72b6567bd14..add1ccecdf6 100644 --- a/azure-sql/database/sql-data-sync-sql-server-configure.md +++ b/azure-sql/database/sql-data-sync-sql-server-configure.md @@ -3,13 +3,13 @@ title: Set up SQL Data Sync description: This tutorial shows you how to set up SQL Data Sync for Azure services: sql-database ms.service: sql-database -ms.subservice: data-movement +ms.subservice: sql-data-sync ms.custom: sqldbrb=1 ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein -ms.reviewer: +author: MaraSteiu +ms.author: masteiu +ms.reviewer: mathoma ms.date: 01/14/2019 --- # Tutorial: Set up SQL Data Sync between databases in Azure SQL Database and SQL Server diff --git a/azure-sql/database/sql-data-sync-troubleshoot.md b/azure-sql/database/sql-data-sync-troubleshoot.md index 1c13fdc1422..d5a1bec8e32 100644 --- a/azure-sql/database/sql-data-sync-troubleshoot.md +++ b/azure-sql/database/sql-data-sync-troubleshoot.md @@ -3,13 +3,13 @@ title: Troubleshoot SQL Data Sync description: "Learn how to identify, troubleshoot, and resolve common issues with SQL Data Sync in Azure." services: sql-database ms.service: sql-database -ms.subservice: data-movement +ms.subservice: sql-data-sync ms.custom: data sync, sqldbrb=1 ms.devlang: ms.topic: troubleshooting -author: stevestein -ms.author: sstein -ms.reviewer: +author: MaraSteiu +ms.author: masteiu +ms.reviewer: mathoma ms.date: 12/20/2018 --- # Troubleshoot issues with SQL Data Sync diff --git a/azure-sql/database/sql-data-sync-update-sync-schema.md b/azure-sql/database/sql-data-sync-update-sync-schema.md index b364ff1fde2..7f3f053fb73 100644 --- a/azure-sql/database/sql-data-sync-update-sync-schema.md +++ b/azure-sql/database/sql-data-sync-update-sync-schema.md @@ -3,13 +3,13 @@ title: Automate the replication of schema changes in SQL Data Sync description: Learn how to automate the replication of schema changes in Azure SQL Data Sync. services: sql-database ms.service: sql-database -ms.subservice: data-movement +ms.subservice: sql-data-sync ms.custom: data sync ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: MaraSteiu +ms.author: masteiu +ms.reviewer: mathoma ms.date: 11/14/2018 --- # Automate the replication of schema changes in Azure SQL Data Sync diff --git a/azure-sql/database/sql-database-paas-overview.md b/azure-sql/database/sql-database-paas-overview.md index daafd9cc88b..8ed8518215d 100644 --- a/azure-sql/database/sql-database-paas-overview.md +++ b/azure-sql/database/sql-database-paas-overview.md @@ -4,12 +4,12 @@ description: 'Get an introduction to SQL Database: technical details and capabil keywords: introduction to sql,intro to sql,what is sql database services: sql-database ms.service: sql-database -ms.subservice: service +ms.subservice: service-overview ms.custom: sqldbrb=3 ms.devlang: ms.topic: overview -author: stevestein -ms.author: sstein +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 09/21/2020 --- diff --git a/azure-sql/database/sql-database-vulnerability-assessment-storage.md b/azure-sql/database/sql-database-vulnerability-assessment-storage.md index 6a0a2cfd9c9..919c816bd60 100644 --- a/azure-sql/database/sql-database-vulnerability-assessment-storage.md +++ b/azure-sql/database/sql-database-vulnerability-assessment-storage.md @@ -16,6 +16,15 @@ ms.date: 12/01/2020 If you are limiting access to your storage account in Azure for certain VNets or services, you'll need to enable the appropriate configuration so that Vulnerability Assessment (VA) scanning for SQL Databases or Managed Instances have access to that storage account. +## Prerequisites + +The SQL Vulnerability Assessment service needs permission to the storage account to save baseline and scan results. There are three methods: +- **Use Storage Account key**: Azure creates the SAS key and saves it (though we don't save the account key) +- **Use Storage SAS key**: The SAS key must have: Write | List | Read | Delete permissions +- **Use SQL Server managed identity**: The SQL Server must have a managed identity. The storage account must have a role assignment for the SQL Managed Identity as StorageBlobContributor. When you apply the settings, the VA fields storageContainerSasKey and storageAccountAccessKey must be empty. When storage is behind a firewall or virtual network, then the SQL managed identity is required. + +When you use the Azure portal to save SQL VA settings, Azure checks if you have permission to assign a new role assignment for the managed identity as StorageBlobContributor on the storage. If permissions are assigned, Azure uses SQL Server managed identity, otherwise Azure uses the key method. + ## Enable Azure SQL Database VA scanning access to the storage account If you have configured your VA storage account to only be accessible by certain networks or services, you'll need to ensure that VA scans for your Azure SQL Database are able to store the scans on the storage account. You can use the existing storage account, or create a new storage account to store VA scan results for all databases on your [logical SQL server](logical-servers.md). @@ -60,6 +69,58 @@ To support VA scans on Managed Instances, follow the below steps: You should now be able to store your VA scans for Managed Instances in your storage account. +## Troubleshoot vulnerability assessment scan-related issues + +Troubleshoot common issues related to vulnerability assessment scans. + +### Failure to save vulnerability assessment settings + +You might not be able to save changes to vulnerability assessment settings if your storage account doesn't meet some prerequisites or if you have insufficient permissions. + +#### Storage account requirements + +The storage account in which vulnerability assessment scan results are saved must meet the following requirements: + +- **Type**: StorageV2 (General Purpose V2) or Storage (General Purpose V1) +- **Performance**: Standard (only) +- **Region**: The storage must be in the same region as the instance of Azure SQL Server. + +If any of these requirements aren't met, saving changes to vulnerability assessment settings fails. + +#### Permissions + +The following permissions are required to save changes to vulnerability assessment settings: + +- SQL Security Manager +- Storage Blob Data Reader + +Setting a new role assignment requires owner or user administrator access to the storage account and the following permissions: + +- Storage Blob Data Owner + +### Storage account isn't visible for selection in vulnerability assessment settings + +The storage account might not appear in the storage account picker for several reasons: + +- The storage account you're looking for isn't in the selected subscription. +- The storage account you're looking for isn't in the same region as the instance of Azure SQL Server. +- You don't have Microsoft.Storage/storageAccounts/read permissions on the storage account. + +### Failure to open an email link for scan results or can't view scan results + +You might not be able to open a link in a notification email about scan results or to view scan results if you don't have the required permissions or if you use a browser that doesn't support opening or displaying scan results. + +#### Permissions + +The following permissions are required to open links in email notifications about scan results or to view scan results: + +- SQL Security Manager +- Storage Blob Data Reader + +#### Browser requirements + +The Firefox browser doesn't support opening or displaying scan results view. We recommend that you use Chrome or Microsoft Edge to view vulnerability assessment scan results. + ## Next steps - [Vulnerability Assessment](sql-vulnerability-assessment.md) diff --git a/azure-sql/database/temporal-tables-retention-policy.md b/azure-sql/database/temporal-tables-retention-policy.md index 81fc48b0d00..cb1bf226801 100644 --- a/azure-sql/database/temporal-tables-retention-policy.md +++ b/azure-sql/database/temporal-tables-retention-policy.md @@ -3,13 +3,13 @@ title: Manage historical data in temporal tables description: Learn how to use temporal retention policy to keep historical data under your control. services: sql-database ms.service: sql-db-mi -ms.subservice: development +ms.subservice: performance ms.custom: sqldbrb=2 ms.devlang: ms.topic: how-to -author: bonova -ms.author: bonova -ms.reviewer: sstein +author: MladjoA +ms.author: mlandzic +ms.reviewer: mathoma ms.date: 09/25/2018 --- # Manage historical data in Temporal tables with retention policy diff --git a/azure-sql/database/transact-sql-tsql-differences-sql-server.md b/azure-sql/database/transact-sql-tsql-differences-sql-server.md index 1a8f7240254..7f78e73fa2c 100644 --- a/azure-sql/database/transact-sql-tsql-differences-sql-server.md +++ b/azure-sql/database/transact-sql-tsql-differences-sql-server.md @@ -3,13 +3,13 @@ title: Resolving T-SQL differences-migration description: Transact-SQL statements that are less than fully supported in Azure SQL Database. services: sql-database ms.service: sql-database -ms.subservice: single-database +ms.subservice: migration ms.custom: sqldbrb=1 ms.devlang: ms.topic: reference -author: stevestein -ms.author: sstein -ms.reviewer: +author: mokabiru +ms.author: mokabiru +ms.reviewer: mathoma ms.date: 12/03/2018 --- # Resolving Transact-SQL differences during migration to SQL Database diff --git a/azure-sql/database/transparent-data-encryption-byok-configure.md b/azure-sql/database/transparent-data-encryption-byok-configure.md index 02436e262d0..65e6544b019 100644 --- a/azure-sql/database/transparent-data-encryption-byok-configure.md +++ b/azure-sql/database/transparent-data-encryption-byok-configure.md @@ -5,7 +5,7 @@ description: "Learn how to configure an Azure SQL Database and Azure Synapse Ana services: sql-database ms.service: sql-db-mi ms.subservice: security -ms.custom: seo-lt-2019 sqldbrb=1, devx-track-azurecli +ms.custom: seo-lt-2019 sqldbrb=1, devx-track-azurecli, devx-track-azurepowershell ms.devlang: ms.topic: how-to author: shohamMSFT diff --git a/azure-sql/database/transparent-data-encryption-byok-key-rotation.md b/azure-sql/database/transparent-data-encryption-byok-key-rotation.md index 4ed8bcf3211..889cb775bfb 100644 --- a/azure-sql/database/transparent-data-encryption-byok-key-rotation.md +++ b/azure-sql/database/transparent-data-encryption-byok-key-rotation.md @@ -5,7 +5,7 @@ description: Learn how to rotate the Transparent Data Encryption (TDE) protector services: sql-database ms.service: sql-database ms.subservice: security -ms.custom: seo-lt-2019 sqldbrb=1, devx-track-azurecli +ms.custom: seo-lt-2019 sqldbrb=1, devx-track-azurecli, devx-track-azurepowershell ms.devlang: ms.topic: how-to author: shohamMSFT @@ -126,4 +126,4 @@ The following examples use [az sql server tde-key set](/powershell/module/az.sql - In case of a security risk, learn how to remove a potentially compromised TDE protector: [Remove a potentially compromised key](transparent-data-encryption-byok-remove-tde-protector.md). -- Get started with Azure Key Vault integration and Bring Your Own Key support for TDE: [Turn on TDE using your own key from Key Vault using PowerShell](transparent-data-encryption-byok-configure.md). \ No newline at end of file +- Get started with Azure Key Vault integration and Bring Your Own Key support for TDE: [Turn on TDE using your own key from Key Vault using PowerShell](transparent-data-encryption-byok-configure.md). diff --git a/azure-sql/database/troubleshoot-common-connectivity-issues.md b/azure-sql/database/troubleshoot-common-connectivity-issues.md index 1491666af67..9ee9d17158e 100644 --- a/azure-sql/database/troubleshoot-common-connectivity-issues.md +++ b/azure-sql/database/troubleshoot-common-connectivity-issues.md @@ -8,9 +8,9 @@ ms.subservice: development ms.custom: sqldbrb=1 ms.devlang: ms.topic: troubleshooting -author: dalechen -ms.author: ninarn -ms.reviewer: sstein, vanto +author: ramakoni1 +ms.author: ramakoni +ms.reviewer: mathoma, vanto ms.date: 01/14/2020 --- diff --git a/azure-sql/database/troubleshoot-common-errors-issues.md b/azure-sql/database/troubleshoot-common-errors-issues.md index 310bdff9e42..eae156d99a7 100644 --- a/azure-sql/database/troubleshoot-common-errors-issues.md +++ b/azure-sql/database/troubleshoot-common-errors-issues.md @@ -3,7 +3,7 @@ title: Troubleshoot common connection issues to Azure SQL Database description: Provides steps to troubleshoot Azure SQL Database connection issues and resolve other Azure SQL Database or Azure SQL Managed Instance specific issues services: sql-database ms.service: sql-db-mi -ms.subservice: development +ms.subservice: connect ms.topic: troubleshooting ms.custom: seo-lt-2019, OKR 11/2019, sqldbrb=1 author: ramakoni1 diff --git a/azure-sql/database/vnet-service-endpoint-rule-overview.md b/azure-sql/database/vnet-service-endpoint-rule-overview.md index 2a701afc9df..336fbe0af70 100644 --- a/azure-sql/database/vnet-service-endpoint-rule-overview.md +++ b/azure-sql/database/vnet-service-endpoint-rule-overview.md @@ -10,7 +10,7 @@ ms.topic: how-to author: rohitnayakmsft ms.author: rohitna ms.reviewer: vanto, genemi -ms.date: 11/14/2019 +ms.date: 05/26/2021 --- # Use virtual network service endpoints and rules for servers in Azure SQL Database @@ -176,7 +176,7 @@ PolyBase and the COPY statement are commonly used to load data into Azure Synaps ### SQL Database blob auditing -Blob auditing pushes audit logs to your own storage account. If this storage account uses the virtual network service endpoints feature, connectivity from SQL Database to the storage account will break. +Azure SQL auditing can write SQL audit logs to your own storage account. If this storage account uses the virtual network service endpoints feature, see how to [write audit to a storage account behind VNet and firewall](https://docs.microsoft.com/azure/azure-sql/database/audit-write-storage-account-behind-vnet-firewall). ## Add a virtual network firewall rule to your server diff --git a/azure-sql/database/xevent-code-event-file.md b/azure-sql/database/xevent-code-event-file.md index 64f49d719ed..efd8f140f59 100644 --- a/azure-sql/database/xevent-code-event-file.md +++ b/azure-sql/database/xevent-code-event-file.md @@ -4,7 +4,7 @@ description: Provides PowerShell and Transact-SQL for a two-phase code sample th services: sql-database ms.service: sql-database ms.subservice: performance -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample author: WilliamDAssafMSFT @@ -515,4 +515,4 @@ For more info about accounts and containers in the Azure Storage service, see: - [Working with the Root Container](/rest/api/storageservices/Working-with-the-Root-Container) - [Lesson 1: Create a stored access policy and a shared access signature on an Azure container](/sql/relational-databases/tutorial-use-azure-blob-storage-service-with-sql-server-2016#1---create-stored-access-policy-and-shared-access-storage) - [Lesson 2: Create a SQL Server credential using a shared access signature](/sql/relational-databases/tutorial-use-azure-blob-storage-service-with-sql-server-2016#2---create-a-sql-server-credential-using-a-shared-access-signature) -- [Extended Events for Microsoft SQL Server](/sql/relational-databases/extended-events/extended-events) \ No newline at end of file +- [Extended Events for Microsoft SQL Server](/sql/relational-databases/extended-events/extended-events) diff --git a/azure-sql/glossary-terms.md b/azure-sql/glossary-terms.md index 2f7f8bd0cb6..28940ca4b8f 100644 --- a/azure-sql/glossary-terms.md +++ b/azure-sql/glossary-terms.md @@ -3,13 +3,13 @@ title: Glossary of terms titleSuffix: Azure SQL Database & SQL Managed Instance description: A glossary of terms for working with Azure SQL Database, Azure SQL Managed Instance, and SQL on Azure VM. services: sql-database -ms.service: sql-db-mi -ms.subservice: service +ms.service: sql-database +ms.subservice: service-overview ms.custom: sqldbrb=4 ms.devlang: ms.topic: reference -author: WilliamDAssafMSFT -ms.author: wiassaf +author: MashaMSFT +ms.author: mathoma ms.reviewer: ms.date: 5/18/2021 --- diff --git a/azure-sql/in-memory-oltp-configure.md b/azure-sql/in-memory-oltp-configure.md index abd0ca7d6c9..787336776b3 100644 --- a/azure-sql/in-memory-oltp-configure.md +++ b/azure-sql/in-memory-oltp-configure.md @@ -4,11 +4,11 @@ description: Adopt In-Memory OLTP to improve transactional performance in an exi services: sql-database ms.service: sql-database ms.custom: sqldbrb=2 -ms.subservice: development +ms.subservice: performance ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: MightyPen +author: WilliamDAssafMSFT +ms.author: wiassaf +ms.reviewer: mathoma ms.date: 11/07/2018 --- # Use In-Memory OLTP to improve your application performance in Azure SQL Database and Azure SQL Managed Instance diff --git a/azure-sql/in-memory-oltp-overview.md b/azure-sql/in-memory-oltp-overview.md index 033169a1986..f426d7d7f06 100644 --- a/azure-sql/in-memory-oltp-overview.md +++ b/azure-sql/in-memory-oltp-overview.md @@ -3,13 +3,13 @@ title: In-memory technologies description: In-memory technologies greatly improve the performance of transactional and analytics workloads in Azure SQL Database and Azure SQL Managed Instance. services: sql-database ms.service: sql-db-mi -ms.subservice: +ms.subservice: performance ms.custom: sqldbrb=2 ms.devlang: ms.topic: conceptual -author: stevestein -ms.author: sstein -ms.reviewer: +author: WilliamDAssafMSFT +ms.author: wiassaf +ms.reviewer: mathoma ms.date: 03/19/2019 --- # Optimize performance by using in-memory technologies in Azure SQL Database and Azure SQL Managed Instance diff --git a/azure-sql/in-memory-sample.md b/azure-sql/in-memory-sample.md index 9e445f92a02..0faca63d18f 100644 --- a/azure-sql/in-memory-sample.md +++ b/azure-sql/in-memory-sample.md @@ -3,13 +3,13 @@ title: In-Memory sample description: Try Azure SQL Database In-Memory technologies with OLTP and columnstore sample. services: sql-database ms.service: sql-database -ms.subservice: development +ms.subservice: performance ms.custom: sqldbrb=1 ms.devlang: ms.topic: sample author: jovanpop-msft ms.author: jovanpop -ms.reviewer: +ms.reviewer: mathoma ms.date: 12/18/2018 --- # In-Memory sample diff --git a/azure-sql/includes/sql-database-create-manage-portal.md b/azure-sql/includes/sql-database-create-manage-portal.md index 18b88db722a..e095b2b486f 100644 --- a/azure-sql/includes/sql-database-create-manage-portal.md +++ b/azure-sql/includes/sql-database-create-manage-portal.md @@ -1,10 +1,10 @@ --- -author: stevestein +author: MashaMSFT ms.service: sql-database ms.subservice: operations ms.topic: include ms.date: 08/23/2019 -ms.author: sstein +ms.author: mathoma --- ## Create and manage Azure SQL resources with the Azure portal diff --git a/azure-sql/includes/sql-database-create-single-database.md b/azure-sql/includes/sql-database-create-single-database.md index 9f1a9d00ca3..b68de1cca3d 100644 --- a/azure-sql/includes/sql-database-create-single-database.md +++ b/azure-sql/includes/sql-database-create-single-database.md @@ -1,10 +1,10 @@ --- author: MashaMSFT ms.service: sql-database -ms.subservice: single-database +ms.subservice: service-overview ms.topic: include ms.date: 03/10/2020 -ms.author: sstein +ms.author: mathoma ms.reviewer: vanto --- diff --git a/azure-sql/index.yml b/azure-sql/index.yml index 682cd963b7b..eaa0a5a9eb2 100644 --- a/azure-sql/index.yml +++ b/azure-sql/index.yml @@ -8,12 +8,12 @@ metadata: description: "Azure SQL is a family of SQL Server database engine products in the cloud, from a fully managed database in Azure SQL Database, a fully managed instance in Azure SQL Managed Instance, or SQL Server installed to virtual machine in Azure." services: sql-database ms.service: sql-database - ms.subservice: service + ms.subservice: service-overview ms.tgt_pltfrm: na ms.devlang: ms.topic: landing-page - author: stevestein - ms.author: sstein + author: MashaMSFT + ms.author: mathoma ms.reviewer: ms.date: 10/30/2019 diff --git a/azure-sql/load-from-csv-with-bcp.md b/azure-sql/load-from-csv-with-bcp.md index 56ccfc97d4c..09d117f72d1 100644 --- a/azure-sql/load-from-csv-with-bcp.md +++ b/azure-sql/load-from-csv-with-bcp.md @@ -7,9 +7,9 @@ ms.subservice: data-movement ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: +author: dzsquared +ms.author: drskwier +ms.reviewer: mathoma ms.date: 01/25/2019 --- # Load data from CSV into Azure SQL Database or SQL Managed Instance (flat files) diff --git a/azure-sql/managed-instance/api-references-create-manage-instance.md b/azure-sql/managed-instance/api-references-create-manage-instance.md index e661fd01548..3d065f6dbbe 100644 --- a/azure-sql/managed-instance/api-references-create-manage-instance.md +++ b/azure-sql/managed-instance/api-references-create-manage-instance.md @@ -3,12 +3,12 @@ title: Management API reference for Azure SQL Managed Instance description: Learn about creating and configuring managed instances of Azure SQL Managed Instance. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: development ms.devlang: ms.topic: reference -author: stevestein -ms.author: sstein -ms.reviewer: +author: urosmil +ms.author: urmilano +ms.reviewer: mathoma ms.date: 03/12/2019 --- # Managed API reference for Azure SQL Managed Instance diff --git a/azure-sql/managed-instance/azure-app-sync-network-configuration.md b/azure-sql/managed-instance/azure-app-sync-network-configuration.md index 1a00a67a6dc..1b45afdf1c0 100644 --- a/azure-sql/managed-instance/azure-app-sync-network-configuration.md +++ b/azure-sql/managed-instance/azure-app-sync-network-configuration.md @@ -4,7 +4,7 @@ titleSuffix: Azure SQL Managed Instance description: This article discusses how to sync your network configuration for Azure App Service hosting plan with your Azure SQL Managed Instance. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: deployment-configuration ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to diff --git a/azure-sql/managed-instance/connect-application-instance.md b/azure-sql/managed-instance/connect-application-instance.md index 9bae9b1c695..2bf8f948d3c 100644 --- a/azure-sql/managed-instance/connect-application-instance.md +++ b/azure-sql/managed-instance/connect-application-instance.md @@ -4,7 +4,7 @@ titleSuffix: Azure SQL Managed Instance description: This article discusses how to connect your application to Azure SQL Managed Instance. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: connect ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual diff --git a/azure-sql/managed-instance/connect-vm-instance-configure.md b/azure-sql/managed-instance/connect-vm-instance-configure.md index 1a0a1c278b0..f63c083e32c 100644 --- a/azure-sql/managed-instance/connect-vm-instance-configure.md +++ b/azure-sql/managed-instance/connect-vm-instance-configure.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Managed Instance description: Connect to Azure SQL Managed Instance using SQL Server Management Studio from an Azure virtual machine. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: connect ms.custom: ms.devlang: ms.topic: quickstart -author: jovanpop-msft -ms.author: jovanpop -ms.reviewer: sstein, srbozovi, bonova +author: zoran-rilak-msft +ms.author: zoranrilak +ms.reviewer: mathoma, srbozovi, bonova ms.date: 02/18/2019 --- # Quickstart: Configure an Azure VM to connect to Azure SQL Managed Instance diff --git a/azure-sql/managed-instance/connection-types-overview.md b/azure-sql/managed-instance/connection-types-overview.md index f24f3fdfc62..eb2ed6c4e20 100644 --- a/azure-sql/managed-instance/connection-types-overview.md +++ b/azure-sql/managed-instance/connection-types-overview.md @@ -4,7 +4,7 @@ titleSuffix: Azure SQL Managed Instance description: Learn about Azure SQL Managed Instance connection types services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: connect ms.topic: conceptual author: srdan-bozovic-msft ms.author: srbozovi diff --git a/azure-sql/managed-instance/connectivity-architecture-overview.md b/azure-sql/managed-instance/connectivity-architecture-overview.md index 0765674b4a6..0a418038105 100644 --- a/azure-sql/managed-instance/connectivity-architecture-overview.md +++ b/azure-sql/managed-instance/connectivity-architecture-overview.md @@ -4,7 +4,7 @@ titleSuffix: Azure SQL Managed Instance description: Learn about Azure SQL Managed Instance communication and connectivity architecture as well as how the components direct traffic to a managed instance. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: service-overview ms.custom: fasttrack-edit ms.devlang: ms.topic: conceptual diff --git a/azure-sql/managed-instance/create-template-quickstart.md b/azure-sql/managed-instance/create-template-quickstart.md index 739e65a5ba8..a3758281438 100644 --- a/azure-sql/managed-instance/create-template-quickstart.md +++ b/azure-sql/managed-instance/create-template-quickstart.md @@ -3,13 +3,13 @@ title: "Azure Resource Manager: Create an Azure SQL Managed Instance" description: Learn how to create an Azure SQL Managed Instance by using an Azure Resource Manager template. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations -ms.custom: subject-armqs +ms.subservice: deployment-configuration +ms.custom: subject-armqs, devx-track-azurepowershell ms.devlang: ms.topic: quickstart -author: stevestein -ms.author: sstein -ms.reviewer: +author: srdan-bozovic-msft +ms.author: srbozovi +ms.reviewer: mathoma ms.date: 06/22/2020 --- diff --git a/azure-sql/managed-instance/custom-dns-configure.md b/azure-sql/managed-instance/custom-dns-configure.md index 1d5d2085af4..cac7202280b 100644 --- a/azure-sql/managed-instance/custom-dns-configure.md +++ b/azure-sql/managed-instance/custom-dns-configure.md @@ -4,7 +4,7 @@ titleSuffix: Azure SQL Managed Instance description: This topic describes configuration options for a custom DNS with Azure SQL Managed Instance. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: deployment-configuration ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual diff --git a/azure-sql/managed-instance/failover-group-add-instance-tutorial.md b/azure-sql/managed-instance/failover-group-add-instance-tutorial.md index 8e95e7689db..7d469d9dd4c 100644 --- a/azure-sql/managed-instance/failover-group-add-instance-tutorial.md +++ b/azure-sql/managed-instance/failover-group-add-instance-tutorial.md @@ -8,9 +8,9 @@ ms.subservice: high-availability ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: ms.topic: tutorial -author: stevestein -ms.author: sstein -ms.reviewer: sashan +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 08/27/2019 --- # Tutorial: Add SQL Managed Instance to a failover group diff --git a/azure-sql/managed-instance/frequently-asked-questions-faq.md b/azure-sql/managed-instance/frequently-asked-questions-faq.md index fb01c73bef6..102740a27af 100644 --- a/azure-sql/managed-instance/frequently-asked-questions-faq.md +++ b/azure-sql/managed-instance/frequently-asked-questions-faq.md @@ -3,13 +3,13 @@ title: Frequently asked questions (FAQ) description: Azure SQL Managed Instance frequently asked questions (FAQ) services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: service-overview ms.custom: sqldbrb=1 ms.devlang: ms.topic: conceptual author: urosmil ms.author: urmilano -ms.reviewer: sstein +ms.reviewer: mathoma ms.date: 09/21/2020 --- # Azure SQL Managed Instance frequently asked questions (FAQ) diff --git a/azure-sql/managed-instance/how-to-content-reference-guide.md b/azure-sql/managed-instance/how-to-content-reference-guide.md index 94f33a8a521..5cd554232bb 100644 --- a/azure-sql/managed-instance/how-to-content-reference-guide.md +++ b/azure-sql/managed-instance/how-to-content-reference-guide.md @@ -4,13 +4,12 @@ titleSuffix: Azure SQL Managed Instance description: A reference guide of content that teaches you how to configure and manage Azure SQL Managed Instance. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: deployment-configuration ms.custom: sqldbrb=1 ms.devlang: ms.topic: guide -author: jovanpop-msft -ms.author: jovanpop -ms.reviewer: sstein +author: MashaMSFT +ms.author: mathoma ms.date: 04/16/2019 --- # Azure SQL Managed Instance content reference diff --git a/azure-sql/managed-instance/index.yml b/azure-sql/managed-instance/index.yml index 1a435816c37..369dd42ab32 100644 --- a/azure-sql/managed-instance/index.yml +++ b/azure-sql/managed-instance/index.yml @@ -8,10 +8,10 @@ metadata: description: Find documentation about Azure SQL Managed Instance, a managed instance in Azure based on the latest stable version of Microsoft SQL Server. services: sql-database ms.service: sql-managed-instance - ms.subservice: operations + ms.subservice: service-overview ms.topic: landing-page - author: stevestein - ms.author: sstein + author: MashaMSFT + ms.author: mathoma ms.reviewer: ms.date: 05/27/2020 diff --git a/azure-sql/managed-instance/instance-create-quickstart.md b/azure-sql/managed-instance/instance-create-quickstart.md index 882cad938c8..dd8ba71c424 100644 --- a/azure-sql/managed-instance/instance-create-quickstart.md +++ b/azure-sql/managed-instance/instance-create-quickstart.md @@ -3,13 +3,13 @@ title: "Quickstart: Create an Azure SQL Managed Instance (portal)" description: Create a managed instance, network environment, and client VM for access using the Azure portal in this quickstart. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: deployment-configuration ms.custom: ms.devlang: ms.topic: quickstart author: danimir ms.author: danil -ms.reviewer: sstein +ms.reviewer: mathoma ms.date: 1/29/2021 --- # Quickstart: Create an Azure SQL Managed Instance diff --git a/azure-sql/managed-instance/instance-pools-configure.md b/azure-sql/managed-instance/instance-pools-configure.md index 1f50b872663..1a7095077ac 100644 --- a/azure-sql/managed-instance/instance-pools-configure.md +++ b/azure-sql/managed-instance/instance-pools-configure.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Managed Instance description: This article describes how to create and manage Azure SQL Managed Instance pools (preview). services: sql-database ms.service: sql-managed-instance -ms.subservice: operations -ms.custom: +ms.subservice: deployment-configuration +ms.custom: devx-track-azurepowershell ms.devlang: ms.topic: how-to -author: bonova -ms.author: bonova -ms.reviewer: sstein +author: urosmil +ms.author: urmilano +ms.reviewer: mathoma ms.date: 09/05/2019 --- # Deploy Azure SQL Managed Instance to an instance pool diff --git a/azure-sql/managed-instance/instance-pools-overview.md b/azure-sql/managed-instance/instance-pools-overview.md index 463bc5370e5..941286daf30 100644 --- a/azure-sql/managed-instance/instance-pools-overview.md +++ b/azure-sql/managed-instance/instance-pools-overview.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Managed Instance description: Learn about Azure SQL Managed Instance pools (preview), a feature that provides a convenient and cost-efficient way to migrate smaller SQL Server databases to the cloud at scale, and manage multiple managed instances. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: service-overview ms.custom: ms.devlang: ms.topic: conceptual -author: bonova -ms.author: bonova -ms.reviewer: sstein +author: urosmil +ms.author: urmilano +ms.reviewer: mathoma ms.date: 09/05/2019 --- # What is an Azure SQL Managed Instance pool (preview)? diff --git a/azure-sql/managed-instance/log-replay-service-migrate.md b/azure-sql/managed-instance/log-replay-service-migrate.md index f3dd0493209..497e1be5e78 100644 --- a/azure-sql/managed-instance/log-replay-service-migrate.md +++ b/azure-sql/managed-instance/log-replay-service-migrate.md @@ -3,11 +3,12 @@ title: Migrate databases to SQL Managed Instance using Log Replay Service description: Learn how to migrate databases from SQL Server to SQL Managed Instance by using Log Replay Service services: sql-database ms.service: sql-managed-instance -ms.custom: seo-lt-2019, sqldbrb=1, devx-track-azurecli +ms.subservice: migration +ms.custom: seo-lt-2019, sqldbrb=1, devx-track-azurecli, devx-track-azurepowershell ms.topic: how-to author: danimir ms.author: danil -ms.reviewer: sstein +ms.reviewer: mathoma ms.date: 03/31/2021 --- @@ -62,7 +63,7 @@ After LRS is stopped, either automatically through autocomplete or manually thro | Operation | Details | | :----------------------------- | :------------------------- | -| **1. Copy database backups from SQL Server to Blob Storage**. | Copy full, differential, and log backups from SQL Server to a Blob Storage container by using [Azcopy](../../storage/common/storage-use-azcopy-v10.md) or [Azure Storage Explorer](https://azure.microsoft.com/features/storage-explorer/).

Use any file names. LRS doesn't require a specific file-naming convention.

In migrating several databases, you need a separate folder for each database. | +| **1. Copy database backups from SQL Server to Blob Storage**. | Copy full, differential, and log backups from SQL Server to a Blob Storage container by using [AzCopy](../../storage/common/storage-use-azcopy-v10.md) or [Azure Storage Explorer](https://azure.microsoft.com/features/storage-explorer/).

Use any file names. LRS doesn't require a specific file-naming convention.

In migrating several databases, you need a separate folder for each database. | | **2. Start LRS in the cloud**. | You can restart the service with a choice of cmdlets: PowerShell ([start-azsqlinstancedatabaselogreplay](/powershell/module/az.sql/start-azsqlinstancedatabaselogreplay)) or Azure CLI ([az_sql_midb_log_replay_start cmdlets](/cli/azure/sql/midb/log-replay#az_sql_midb_log_replay_start)).

Start LRS separately for each database that points to a backup folder on Blob Storage.

After you start the service, it will take backups from the Blob Storage container and start restoring them on SQL Managed Instance.

If you started LRS in continuous mode, after all initially uploaded backups are restored, the service will watch for any new files uploaded to the folder. The service will continuously apply logs based on the log sequence number (LSN) chain until it's stopped. | | **2.1. Monitor the operation's progress**. | You can monitor progress of the restore operation with a choice of cmdlets: PowerShell ([get-azsqlinstancedatabaselogreplay](/powershell/module/az.sql/get-azsqlinstancedatabaselogreplay)) or Azure CLI ([az_sql_midb_log_replay_show cmdlets](/cli/azure/sql/midb/log-replay#az_sql_midb_log_replay_show)). | | **2.2. Stop the operation if needed**. | If you need to stop the migration process, you have a choice of cmdlets: PowerShell ([stop-azsqlinstancedatabaselogreplay](/powershell/module/az.sql/stop-azsqlinstancedatabaselogreplay)) or Azure CLI ([az_sql_midb_log_replay_stop](/cli/azure/sql/midb/log-replay#az_sql_midb_log_replay_stop)).

Stopping the operation will delete the database that you're restoring on SQL Managed Instance. After you stop an operation, you can't resume LRS for a database. You need to restart the migration process from scratch. | @@ -160,7 +161,7 @@ Azure Blob Storage is used as intermediary storage for backup files between SQL In migrating databases to a managed instance by using LRS, you can use the following approaches to upload backups to Blob Storage: - Using SQL Server native [BACKUP TO URL](/sql/relational-databases/backup-restore/sql-server-backup-to-url) functionality -- Using [Azcopy](../../storage/common/storage-use-azcopy-v10.md) or [Azure Storage Explorer](https://azure.microsoft.com/en-us/features/storage-explorer) to upload backups to a blob container +- Using [AzCopy](../../storage/common/storage-use-azcopy-v10.md) or [Azure Storage Explorer](https://azure.microsoft.com/en-us/features/storage-explorer) to upload backups to a blob container - Using Storage Explorer in the Azure portal ### Make backups from SQL Server directly to Blob Storage diff --git a/azure-sql/managed-instance/long-term-backup-retention-configure.md b/azure-sql/managed-instance/long-term-backup-retention-configure.md index 80086fbc74c..a5722380d87 100644 --- a/azure-sql/managed-instance/long-term-backup-retention-configure.md +++ b/azure-sql/managed-instance/long-term-backup-retention-configure.md @@ -4,7 +4,7 @@ description: "Learn how to store and restore automated backups on separate Azure services: sql-database ms.service: sql-managed-instance ms.subservice: operations -ms.custom: +ms.custom: devx-track-azurepowershell ms.devlang: ms.topic: how-to author: shkale-msft diff --git a/azure-sql/managed-instance/management-endpoint-find-ip-address.md b/azure-sql/managed-instance/management-endpoint-find-ip-address.md index 489d2d4785b..8cd07ae6c01 100644 --- a/azure-sql/managed-instance/management-endpoint-find-ip-address.md +++ b/azure-sql/managed-instance/management-endpoint-find-ip-address.md @@ -4,7 +4,7 @@ titleSuffix: Azure SQL Managed Instance description: Learn how to get the Azure SQL Managed Instance management endpoint public IP address and verify its built-in firewall protection services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: deployment-configuration ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to diff --git a/azure-sql/managed-instance/management-operations-cancel.md b/azure-sql/managed-instance/management-operations-cancel.md index b5d3501e59a..cbc73f51750 100644 --- a/azure-sql/managed-instance/management-operations-cancel.md +++ b/azure-sql/managed-instance/management-operations-cancel.md @@ -4,8 +4,8 @@ titleSuffix: Azure SQL Managed Instance description: Learn how to cancel Azure SQL Managed Instance management operations. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations -ms.custom: +ms.subservice: deployment-configuration +ms.custom: devx-track-azurepowershell ms.devlang: ms.topic: how-to author: urosmil diff --git a/azure-sql/managed-instance/management-operations-monitor.md b/azure-sql/managed-instance/management-operations-monitor.md index c0d29987355..7619a3704be 100644 --- a/azure-sql/managed-instance/management-operations-monitor.md +++ b/azure-sql/managed-instance/management-operations-monitor.md @@ -4,8 +4,8 @@ titleSuffix: Azure SQL Managed Instance description: Learn about different ways for monitoring of Azure SQL Managed Instance management operations. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations -ms.custom: +ms.subservice: deployment-configuration +ms.custom: devx-track-azurepowershell ms.devlang: ms.topic: how-to author: urosmil @@ -113,4 +113,4 @@ For detailed commands explanation, see [az sql mi op](/cli/azure/sql/mi/op). - For a features and comparison list, see [common SQL features](../database/features-comparison.md). - For more information about VNet configuration, see [SQL Managed Instance VNet configuration](connectivity-architecture-overview.md). - For a quickstart that creates a managed instance and restores a database from a backup file, see [Create a managed instance](instance-create-quickstart.md). -- For a tutorial about using Azure Database Migration Service for migration, see [SQL Managed Instance migration using Database Migration Service](../../dms/tutorial-sql-server-to-managed-instance.md). \ No newline at end of file +- For a tutorial about using Azure Database Migration Service for migration, see [SQL Managed Instance migration using Database Migration Service](../../dms/tutorial-sql-server-to-managed-instance.md). diff --git a/azure-sql/managed-instance/management-operations-overview.md b/azure-sql/managed-instance/management-operations-overview.md index df4efe4ba1b..7eba4bc3c07 100644 --- a/azure-sql/managed-instance/management-operations-overview.md +++ b/azure-sql/managed-instance/management-operations-overview.md @@ -4,7 +4,7 @@ titleSuffix: Azure SQL Managed Instance description: Learn about Azure SQL Managed Instance management operations duration and best practices. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: deployment-configuration ms.custom: ms.devlang: ms.topic: overview diff --git a/azure-sql/managed-instance/media/sql-managed-instance-paas-overview/key-features.png b/azure-sql/managed-instance/media/sql-managed-instance-paas-overview/key-features.png index 9e2efebe506..a0c2939a666 100644 Binary files a/azure-sql/managed-instance/media/sql-managed-instance-paas-overview/key-features.png and b/azure-sql/managed-instance/media/sql-managed-instance-paas-overview/key-features.png differ diff --git a/azure-sql/managed-instance/migrate-to-instance-from-sql-server.md b/azure-sql/managed-instance/migrate-to-instance-from-sql-server.md index 81db18b4acd..6b5d656aec1 100644 --- a/azure-sql/managed-instance/migrate-to-instance-from-sql-server.md +++ b/azure-sql/managed-instance/migrate-to-instance-from-sql-server.md @@ -7,9 +7,9 @@ ms.subservice: migration ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: conceptual -author: bonova -ms.author: bonova -ms.reviewer: +author: danimir +ms.author: danil +ms.reviewer: cawrites ms.date: 07/11/2019 --- # SQL Server instance migration to Azure SQL Managed Instance diff --git a/azure-sql/managed-instance/minimal-tls-version-configure.md b/azure-sql/managed-instance/minimal-tls-version-configure.md index de9a59f30c4..38b7e7e74ed 100644 --- a/azure-sql/managed-instance/minimal-tls-version-configure.md +++ b/azure-sql/managed-instance/minimal-tls-version-configure.md @@ -4,7 +4,7 @@ description: "Learn how to configure minimal TLS version for managed instance" services: sql-database ms.service: sql-managed-instance ms.subservice: security -ms.custom: +ms.custom: devx-track-azurepowershell ms.topic: how-to author: srdan-bozovic-msft ms.author: srbozovi @@ -58,4 +58,4 @@ az sql mi show -n sql-instance-name -g resource-group --query "minimalTlsVersion # Update setting for Minimal TLS Version az sql mi update -n sql-instance-name -g resource-group --set minimalTlsVersion="1.2" -``` \ No newline at end of file +``` diff --git a/azure-sql/managed-instance/point-in-time-restore.md b/azure-sql/managed-instance/point-in-time-restore.md index 33a2e5940d8..ea1fa179879 100644 --- a/azure-sql/managed-instance/point-in-time-restore.md +++ b/azure-sql/managed-instance/point-in-time-restore.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Managed Instance description: Restore a database on Azure SQL Managed Instance to a previous point in time. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations -ms.custom: +ms.subservice: backup-restore +ms.custom: devx-track-azurepowershell ms.devlang: ms.topic: how-to -author: jovanpop-msft -ms.author: jovanpop -ms.reviewer: sstein, mathoma +author: Misliplavo +ms.author: mlazic +ms.reviewer: mathoma ms.date: 08/25/2019 --- # Restore a database in Azure SQL Managed Instance to a previous point in time diff --git a/azure-sql/managed-instance/point-to-site-p2s-configure.md b/azure-sql/managed-instance/point-to-site-p2s-configure.md index 91e6bb98a75..29b2decf881 100644 --- a/azure-sql/managed-instance/point-to-site-p2s-configure.md +++ b/azure-sql/managed-instance/point-to-site-p2s-configure.md @@ -4,7 +4,7 @@ titleSuffix: Azure SQL Managed Instance description: Connect to Azure SQL Managed Instance using SQL Server Management Studio (SSMS) using a point-to-site connection from an on-premises client computer. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: deployment-configuration ms.custom: ms.devlang: ms.topic: quickstart diff --git a/azure-sql/managed-instance/public-endpoint-configure.md b/azure-sql/managed-instance/public-endpoint-configure.md index ee4c92f80e4..c6667510cfb 100644 --- a/azure-sql/managed-instance/public-endpoint-configure.md +++ b/azure-sql/managed-instance/public-endpoint-configure.md @@ -4,7 +4,7 @@ description: "Learn how to configure a public endpoint for Azure SQL Managed Ins services: sql-database ms.service: sql-managed-instance ms.subservice: security -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.topic: how-to author: srdan-bozovic-msft ms.author: srbozovi diff --git a/azure-sql/managed-instance/quickstart-content-reference-guide.md b/azure-sql/managed-instance/quickstart-content-reference-guide.md index 4716aad22c1..b1429defe31 100644 --- a/azure-sql/managed-instance/quickstart-content-reference-guide.md +++ b/azure-sql/managed-instance/quickstart-content-reference-guide.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Managed Instance description: "A reference for content that helps you get started with Azure SQL Managed Instance. " services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: deployment-configuration ms.custom: sqldbrb=1 ms.devlang: ms.topic: quickstart author: davidtrigano ms.author: datrigan -ms.reviewer: vanto +ms.reviewer: vanto, mathoma ms.date: 07/11/2019 --- # Getting started with Azure SQL Managed Instance diff --git a/azure-sql/managed-instance/replication-between-two-instances-configure-tutorial.md b/azure-sql/managed-instance/replication-between-two-instances-configure-tutorial.md index a983b2f46e4..fa150a23643 100644 --- a/azure-sql/managed-instance/replication-between-two-instances-configure-tutorial.md +++ b/azure-sql/managed-instance/replication-between-two-instances-configure-tutorial.md @@ -4,11 +4,11 @@ titleSuffix: Azure SQL Managed Instance description: This tutorial teaches you to configure transactional replication between an Azure SQL Managed Instance publisher/distributor and a SQL Managed Instance subscriber. services: sql-database ms.service: sql-managed-instance -ms.subservice: data-movement +ms.subservice: replication ms.custom: sqldbrb=1 ms.devlang: ms.topic: tutorial -author: MashaMSFT +author: ferno-ms ms.author: ferno ms.reviewer: mathoma ms.date: 04/28/2020 diff --git a/azure-sql/managed-instance/replication-two-instances-and-sql-server-configure-tutorial.md b/azure-sql/managed-instance/replication-two-instances-and-sql-server-configure-tutorial.md index 488afe8b949..7c938f809de 100644 --- a/azure-sql/managed-instance/replication-two-instances-and-sql-server-configure-tutorial.md +++ b/azure-sql/managed-instance/replication-two-instances-and-sql-server-configure-tutorial.md @@ -6,8 +6,8 @@ ms.service: sql-managed-instance ms.subservice: security ms.custom: sqldbrb=1 ms.topic: tutorial -author: stevestein -ms.author: sstein +author: rothja +ms.author: jroth ms.reviewer: ms.date: 11/21/2019 --- diff --git a/azure-sql/managed-instance/resource-limits.md b/azure-sql/managed-instance/resource-limits.md index 23553b9b8e3..5247449124c 100644 --- a/azure-sql/managed-instance/resource-limits.md +++ b/azure-sql/managed-instance/resource-limits.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Managed Instance description: This article provides an overview of the resource limits for Azure SQL Managed Instance. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: service-overview ms.custom: ms.devlang: ms.topic: reference -author: bonova -ms.author: bonova -ms.reviewer: sstein, jovanpop, sachinp +author: vladai78 +ms.author: vladiv +ms.reviewer: mathoma, jovanpop, sachinp ms.date: 09/14/2020 --- # Overview of Azure SQL Managed Instance resource limits diff --git a/azure-sql/managed-instance/restore-sample-database-quickstart.md b/azure-sql/managed-instance/restore-sample-database-quickstart.md index 7e27f14f378..cca93be2e45 100644 --- a/azure-sql/managed-instance/restore-sample-database-quickstart.md +++ b/azure-sql/managed-instance/restore-sample-database-quickstart.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Managed Instance description: In this quickstart, learn to restore a database backup to Azure SQL Managed Instance using SQL Server Management Studio (SSMS). services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: backup-restore ms.custom: ms.devlang: ms.topic: quickstart -author: srdan-bozovic-msft -ms.author: srbozovi -ms.reviewer: sstein, bonova +author: danimir +ms.author: danil +ms.reviewer: mathoma ms.date: 12/14/2018 --- # Quickstart: Restore a database to Azure SQL Managed Instance with SSMS diff --git a/azure-sql/managed-instance/scripts/add-to-failover-group-powershell.md b/azure-sql/managed-instance/scripts/add-to-failover-group-powershell.md index de1c3bb024a..c2c939cda23 100644 --- a/azure-sql/managed-instance/scripts/add-to-failover-group-powershell.md +++ b/azure-sql/managed-instance/scripts/add-to-failover-group-powershell.md @@ -5,12 +5,12 @@ description: Azure PowerShell example script to create a managed instance, add i services: sql-database ms.service: sql-managed-instance ms.subservice: high-availability -ms.custom: sqldbrb=1 +ms.custom: sqldbrb=1, devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: BustosMSFT +ms.author: robustos +ms.reviewer: mathoma ms.date: 07/16/2019 --- # Use PowerShell to add a managed instance to a failover group diff --git a/azure-sql/managed-instance/scripts/create-configure-managed-instance-powershell.md b/azure-sql/managed-instance/scripts/create-configure-managed-instance-powershell.md index 1023eb463e1..386f17a5cf3 100644 --- a/azure-sql/managed-instance/scripts/create-configure-managed-instance-powershell.md +++ b/azure-sql/managed-instance/scripts/create-configure-managed-instance-powershell.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Managed Instance description: This article provides an Azure PowerShell example script to create a managed instance. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations -ms.custom: +ms.subservice: deployment-configuration +ms.custom: devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample -author: stevestein -ms.author: sstein -ms.reviewer: +author: urosmil +ms.author: urmilano +ms.reviewer: mathoma ms.date: 03/25/2019 --- # Use PowerShell to create a managed instance diff --git a/azure-sql/managed-instance/scripts/restore-geo-backup.md b/azure-sql/managed-instance/scripts/restore-geo-backup.md index 606c8b81e9f..3e390418801 100644 --- a/azure-sql/managed-instance/scripts/restore-geo-backup.md +++ b/azure-sql/managed-instance/scripts/restore-geo-backup.md @@ -3,13 +3,13 @@ title: "PowerShell: Restore geo-backup for Azure SQL Managed Instance" description: Azure PowerShell example script to restore an Azure SQL Managed Instance database from a geo-redundant backup. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations -ms.custom: +ms.subservice: backup-restore +ms.custom: devx-track-azurepowershell ms.devlang: PowerShell ms.topic: sample -author: jovanpop-msft -ms.author: jovanpop -ms.reviewer: sstein +author: Misliplavo +ms.author: mlazic +ms.reviewer: mathoma ms.date: 07/03/2019 --- # Use PowerShell to restore an Azure SQL Managed Instance database to another geo-region @@ -78,4 +78,4 @@ This script uses the following commands. Each command in the table links to comm For more information about PowerShell, see [Azure PowerShell documentation](/powershell/azure/). -Additional PowerShell script samples for Azure SQL Database can be found in [Azure SQL Database PowerShell scripts](../../database/powershell-script-content-guide.md). \ No newline at end of file +Additional PowerShell script samples for Azure SQL Database can be found in [Azure SQL Database PowerShell scripts](../../database/powershell-script-content-guide.md). diff --git a/azure-sql/managed-instance/server-trust-group-overview.md b/azure-sql/managed-instance/server-trust-group-overview.md index 964dff78554..afadd168d1c 100644 --- a/azure-sql/managed-instance/server-trust-group-overview.md +++ b/azure-sql/managed-instance/server-trust-group-overview.md @@ -4,13 +4,13 @@ titleSuffix: Azure SQL Managed Instance description: Learn about Server Trust Group and how to manage trust between Azure SQL Managed Instances. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: service-overview ms.custom: ms.devlang: ms.topic: conceptual author: sasapopo ms.author: sasapopo -ms.reviewer: sstein, bonova +ms.reviewer: mathoma ms.date: 10/08/2020 --- # Use Server Trust Groups to set up and manage trust between SQL Managed Instances @@ -24,7 +24,7 @@ Server Trust Group is a concept used for managing trust between Azure SQL Manage ## Server Trust Group setup -Server Trust Group can be setup via [Azure PowerShell](https://docs.microsoft.com/powershell/module/az.sql/new-azsqlservertrustgroup) or [Azure CLI](https://docs.microsoft.com/cli/azure/sql/stg). +Server Trust Group can be setup via [Azure PowerShell](/powershell/module/az.sql/new-azsqlservertrustgroup) or [Azure CLI](/cli/azure/sql/stg). The following section describes setup of Server Trust Group using Azure portal. 1. Go to the [Azure portal](https://portal.azure.com/). diff --git a/azure-sql/managed-instance/sql-managed-instance-paas-overview.md b/azure-sql/managed-instance/sql-managed-instance-paas-overview.md index a1fd2742f54..05dabab5ee3 100644 --- a/azure-sql/managed-instance/sql-managed-instance-paas-overview.md +++ b/azure-sql/managed-instance/sql-managed-instance-paas-overview.md @@ -3,13 +3,13 @@ title: What is Azure SQL Managed Instance? description: Learn about how Azure SQL Managed Instance provides near 100% compatibility with the latest SQL Server (Enterprise Edition) database engine services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: service-overview ms.custom: sqldbrb=1 ms.devlang: ms.topic: overview author: bonova ms.author: bonova -ms.reviewer: sstein, vanto +ms.reviewer: mathoma, vanto ms.date: 01/14/2021 --- diff --git a/azure-sql/managed-instance/subnet-service-aided-configuration-enable.md b/azure-sql/managed-instance/subnet-service-aided-configuration-enable.md index 58b4f4211cb..75b3098d656 100644 --- a/azure-sql/managed-instance/subnet-service-aided-configuration-enable.md +++ b/azure-sql/managed-instance/subnet-service-aided-configuration-enable.md @@ -3,8 +3,8 @@ title: Enabling service-aided subnet configuration for Azure SQL Managed Instanc description: Enabling service-aided subnet configuration for Azure SQL Managed Instance services: sql-database ms.service: sql-managed-instance -ms.subservice: operations -ms.custom: +ms.subservice: deployment-configuration +ms.custom: devx-track-azurepowershell ms.devlang: ms.topic: how-to author: srdan-bozovic-msft diff --git a/azure-sql/managed-instance/synchronize-vnet-dns-servers-setting-on-virtual-cluster.md b/azure-sql/managed-instance/synchronize-vnet-dns-servers-setting-on-virtual-cluster.md index 70378acd9c0..b742301a7e5 100644 --- a/azure-sql/managed-instance/synchronize-vnet-dns-servers-setting-on-virtual-cluster.md +++ b/azure-sql/managed-instance/synchronize-vnet-dns-servers-setting-on-virtual-cluster.md @@ -3,10 +3,12 @@ title: Synchronize virtual network DNS servers setting on SQL Managed Instance v description: Learn how synchronize virtual network DNS servers setting on SQL Managed Instance virtual cluster. services: sql-database ms.service: sql-managed-instance +ms.subservice: deployment-configuration author: srdan-bozovic-msft ms.author: srbozovi ms.topic: how-to -ms.date: 01/17/2021 +ms.date: 01/17/2021 +ms.custom: devx-track-azurepowershell --- # Synchronize virtual network DNS servers setting on SQL Managed Instance virtual cluster @@ -29,8 +31,7 @@ If this change is implemented after [virtual cluster](connectivity-architecture- User synchronizing DNS server configuration will need to have one of the following Azure roles: -- Subscription Owner role, or -- Managed Instance Contributor role, or +- Subscription contributor role, or - Custom role with the following permission: - `Microsoft.Sql/virtualClusters/updateManagedInstanceDnsServers/action` diff --git a/azure-sql/managed-instance/tde-certificate-migrate.md b/azure-sql/managed-instance/tde-certificate-migrate.md index 80101a54b04..dc024a40807 100644 --- a/azure-sql/managed-instance/tde-certificate-migrate.md +++ b/azure-sql/managed-instance/tde-certificate-migrate.md @@ -10,7 +10,7 @@ ms.topic: how-to author: MladjoA ms.author: mlandzic ms.reviewer: sstein, jovanpop -ms.date: 07/21/2020 +ms.date: 06/01/2021 --- # Migrate a certificate of a TDE-protected database to Azure SQL Managed Instance @@ -144,7 +144,10 @@ If the certificate is kept in the SQL Server local machine certificate store, it 2. Once all preparation steps are done, run the following commands to upload base-64 encoded certificate to the target managed instance: ```azurepowershell + # If you are using PowerShell 6.0 or higher, run this command: $fileContentBytes = Get-Content 'C:/full_path/TDE_Cert.pfx' -AsByteStream + # If you are using PowerShell 5.x, uncomment and run this command instead of the one above: + # $fileContentBytes = Get-Content 'C:/full_path/TDE_Cert.pfx' -Encoding Byte $base64EncodedCert = [System.Convert]::ToBase64String($fileContentBytes) $securePrivateBlob = $base64EncodedCert | ConvertTo-SecureString -AsPlainText -Force $password = "" @@ -185,4 +188,4 @@ The certificate is now available to the specified managed instance, and the back In this article, you learned how to migrate a certificate protecting the encryption key of a database with Transparent Data Encryption, from the on-premises or IaaS SQL Server instance to Azure SQL Managed Instance. -See [Restore a database backup to a Azure SQL Managed Instance](restore-sample-database-quickstart.md) to learn how to restore a database backup to Azure SQL Managed Instance. \ No newline at end of file +See [Restore a database backup to a Azure SQL Managed Instance](restore-sample-database-quickstart.md) to learn how to restore a database backup to Azure SQL Managed Instance. diff --git a/azure-sql/managed-instance/timezones-overview.md b/azure-sql/managed-instance/timezones-overview.md index 1c4fc39f413..0a49a3110c6 100644 --- a/azure-sql/managed-instance/timezones-overview.md +++ b/azure-sql/managed-instance/timezones-overview.md @@ -3,13 +3,13 @@ title: Azure SQL Managed Instance time zones description: Learn about the time zone specifics of Azure SQL Managed Instance services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: service-overview ms.custom: sqldbrb=1 ms.devlang: ms.topic: reference author: MladjoA ms.author: mlandzic -ms.reviewer: +ms.reviewer: mathoma ms.date: 10/12/2020 --- # Time zones in Azure SQL Managed Instance diff --git a/azure-sql/managed-instance/transact-sql-tsql-differences-sql-server.md b/azure-sql/managed-instance/transact-sql-tsql-differences-sql-server.md index 1c2c3264192..28c14c05f27 100644 --- a/azure-sql/managed-instance/transact-sql-tsql-differences-sql-server.md +++ b/azure-sql/managed-instance/transact-sql-tsql-differences-sql-server.md @@ -3,12 +3,12 @@ title: T-SQL differences between SQL Server & Azure SQL Managed Instance description: This article discusses the Transact-SQL (T-SQL) differences between an Azure SQL Managed Instance and SQL Server. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: service-overview ms.devlang: ms.topic: reference author: danimir ms.author: danil -ms.reviewer: sstein, bonova, danil +ms.reviewer: mathoma, bonova, danil ms.date: 3/16/2021 ms.custom: seoapril2019, sqldbrb=1 --- @@ -401,9 +401,11 @@ Operations: - The `OPENDATASOURCE` function can be used to execute queries only on SQL Server instances. They can be either managed, on-premises, or in virtual machines. Only the `SQLNCLI`, `SQLNCLI11`, and `SQLOLEDB` values are supported as a provider. An example is `SELECT * FROM OPENDATASOURCE('SQLNCLI', '...').AdventureWorks2012.HumanResources.Employee`. See [OPENDATASOURCE](/sql/t-sql/functions/opendatasource-transact-sql). - Linked servers cannot be used to read files (Excel, CSV) from the network shares. Try to use [BULK INSERT](/sql/t-sql/statements/bulk-insert-transact-sql#e-importing-data-from-a-csv-file), [OPENROWSET](/sql/t-sql/functions/openrowset-transact-sql#g-accessing-data-from-a-csv-file-with-a-format-file) that reads CSV files from Azure Blob Storage, or a [linked server that references a serverless SQL pool in Synapse Analytics](https://devblogs.microsoft.com/azure-sql/linked-server-to-synapse-sql-to-implement-polybase-like-scenarios-in-managed-instance/). Track this requests on [SQL Managed Instance Feedback item](https://feedback.azure.com/forums/915676-sql-managed-instance/suggestions/35657887-linked-server-to-non-sql-sources)| +Linkeds servers on Azure SQL Managed Instance support only SQL authentication. AAD authentication is not supported yet. + ### PolyBase -Work on enabling Polybase support in SQL Managed Instance is [in progress](https://feedback.azure.com/forums/915676-sql-managed-instance/suggestions/35698078-enable-polybase-on-sql-managed-instance). In the meantime, as a workaroiund you can use linked servers to [a serverless SQL pool in Synapse Analytics](https://devblogs.microsoft.com/azure-sql/linked-server-to-synapse-sql-to-implement-polybase-like-scenarios-in-managed-instance/) or SQL Server to query data from files stored in Azure Data Lake or Azure Storage. +Work on enabling Polybase support in SQL Managed Instance is [in progress](https://feedback.azure.com/forums/915676-sql-managed-instance/suggestions/35698078-enable-polybase-on-sql-managed-instance). In the meantime, as a workaround you can use linked servers to [a serverless SQL pool in Synapse Analytics](https://devblogs.microsoft.com/azure-sql/linked-server-to-synapse-sql-to-implement-polybase-like-scenarios-in-managed-instance/) or SQL Server to query data from files stored in Azure Data Lake or Azure Storage. For general information about PolyBase, see [PolyBase](/sql/relational-databases/polybase/polybase-guide). ### Replication diff --git a/azure-sql/managed-instance/user-initiated-failover.md b/azure-sql/managed-instance/user-initiated-failover.md index e35b168b7c3..d04f26441d6 100644 --- a/azure-sql/managed-instance/user-initiated-failover.md +++ b/azure-sql/managed-instance/user-initiated-failover.md @@ -3,12 +3,13 @@ title: Manually initiate a failover on SQL Managed Instance description: Learn how to manually failover primary and secondary replicas on Azure SQL Managed Instance. services: sql-database ms.service: sql-managed-instance -ms.custom: seo-lt-2019, sqldbrb=1 +ms.subservice: high-availability +ms.custom: seo-lt-2019, sqldbrb=1, devx-track-azurepowershell ms.devlang: ms.topic: how-to author: danimir ms.author: danil -ms.reviewer: douglas, sstein +ms.reviewer: mathoma ms.date: 02/27/2021 --- diff --git a/azure-sql/managed-instance/virtual-cluster-delete.md b/azure-sql/managed-instance/virtual-cluster-delete.md index db7018ff1a7..e7fb7875692 100644 --- a/azure-sql/managed-instance/virtual-cluster-delete.md +++ b/azure-sql/managed-instance/virtual-cluster-delete.md @@ -3,13 +3,13 @@ title: Delete a subnet after deleting a SQL Managed Instance description: Learn how to delete an Azure virtual network after deleting an Azure SQL Managed Instance. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: deployment-configuration ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: how-to author: danimir ms.author: danil -ms.reviewer: douglas, sstein +ms.reviewer: mathoma ms.date: 06/26/2019 --- diff --git a/azure-sql/managed-instance/virtual-network-subnet-create-arm-template.md b/azure-sql/managed-instance/virtual-network-subnet-create-arm-template.md index 464c4be12e8..211eff3ec39 100644 --- a/azure-sql/managed-instance/virtual-network-subnet-create-arm-template.md +++ b/azure-sql/managed-instance/virtual-network-subnet-create-arm-template.md @@ -4,7 +4,7 @@ titleSuffix: Azure SQL Managed Instance description: This article describes how to create a virtual network configured to support deploying Azure SQL Managed Instance. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: deployment-configuration ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to diff --git a/azure-sql/managed-instance/vnet-existing-add-subnet.md b/azure-sql/managed-instance/vnet-existing-add-subnet.md index 34aea8bf148..65f6e7c58b1 100644 --- a/azure-sql/managed-instance/vnet-existing-add-subnet.md +++ b/azure-sql/managed-instance/vnet-existing-add-subnet.md @@ -4,7 +4,7 @@ titleSuffix: Azure SQL Managed Instance description: This article describes how to configure an existing virtual network and subnet where you can deploy Azure SQL Managed Instance. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: deployment-configuration ms.custom: sqldbrb=1 ms.devlang: ms.topic: how-to diff --git a/azure-sql/managed-instance/vnet-subnet-determine-size.md b/azure-sql/managed-instance/vnet-subnet-determine-size.md index 6b3590a613b..bcad708445a 100644 --- a/azure-sql/managed-instance/vnet-subnet-determine-size.md +++ b/azure-sql/managed-instance/vnet-subnet-determine-size.md @@ -4,7 +4,7 @@ titleSuffix: Azure SQL Managed Instance description: This topic describes how to calculate the size of the subnet where Azure SQL Managed Instance will be deployed. services: sql-database ms.service: sql-managed-instance -ms.subservice: operations +ms.subservice: deployment-configuration ms.custom: seo-lt-2019, sqldbrb=1 ms.devlang: ms.topic: how-to diff --git a/azure-sql/migration-guides/database/access-to-sql-database-guide.md b/azure-sql/migration-guides/database/access-to-sql-database-guide.md index f3d71afb468..0ba34b0ac08 100644 --- a/azure-sql/migration-guides/database/access-to-sql-database-guide.md +++ b/azure-sql/migration-guides/database/access-to-sql-database-guide.md @@ -6,8 +6,9 @@ ms.subservice: migration-guide ms.custom: ms.devlang: ms.topic: how-to -author: MashaMSFT -ms.author: mathoma +author: mokabiru +ms.author: mokabiru +ms.reviewer: cawrites ms.date: 03/19/2021 --- diff --git a/azure-sql/migration-guides/database/db2-to-sql-database-guide.md b/azure-sql/migration-guides/database/db2-to-sql-database-guide.md index bf6f5107b8e..d7173f34c19 100644 --- a/azure-sql/migration-guides/database/db2-to-sql-database-guide.md +++ b/azure-sql/migration-guides/database/db2-to-sql-database-guide.md @@ -8,7 +8,7 @@ ms.devlang: ms.topic: how-to author: mokabiru ms.author: mokabiru -ms.reviewer: MashaMSFT +ms.reviewer: cawrites ms.date: 05/14/2021 --- # Migration guide: IBM Db2 to Azure SQL Database diff --git a/azure-sql/migration-guides/database/mysql-to-sql-database-guide.md b/azure-sql/migration-guides/database/mysql-to-sql-database-guide.md index d4c6b4b6116..692a2b7f475 100644 --- a/azure-sql/migration-guides/database/mysql-to-sql-database-guide.md +++ b/azure-sql/migration-guides/database/mysql-to-sql-database-guide.md @@ -6,8 +6,8 @@ ms.subservice: migration-guide ms.custom: ms.devlang: ms.topic: how-to -author: MashaMSFT -ms.author: mathoma +author: cawrites +ms.author: chadam ms.date: 03/19/2021 --- diff --git a/azure-sql/migration-guides/database/oracle-to-sql-database-guide.md b/azure-sql/migration-guides/database/oracle-to-sql-database-guide.md index 9d35f42a97b..5c613a82438 100644 --- a/azure-sql/migration-guides/database/oracle-to-sql-database-guide.md +++ b/azure-sql/migration-guides/database/oracle-to-sql-database-guide.md @@ -6,8 +6,8 @@ ms.subservice: migration-guide ms.custom: ms.devlang: ms.topic: how-to -author: MashaMSFT -ms.author: mathoma +author: cawrites +ms.author: chadam ms.date: 08/25/2020 --- diff --git a/azure-sql/migration-guides/database/sap-ase-to-sql-database.md b/azure-sql/migration-guides/database/sap-ase-to-sql-database.md index 8a3cc686f3e..5d932de237a 100644 --- a/azure-sql/migration-guides/database/sap-ase-to-sql-database.md +++ b/azure-sql/migration-guides/database/sap-ase-to-sql-database.md @@ -6,8 +6,8 @@ ms.subservice: migration-guide ms.custom: ms.devlang: ms.topic: how-to -author: MashaMSFT -ms.author: mathoma +author: cawrites +ms.author: chadam ms.date: 03/19/2021 --- diff --git a/azure-sql/migration-guides/database/sql-server-to-sql-database-assessment-rules.md b/azure-sql/migration-guides/database/sql-server-to-sql-database-assessment-rules.md index 13c4a867333..7ffdedc8684 100644 --- a/azure-sql/migration-guides/database/sql-server-to-sql-database-assessment-rules.md +++ b/azure-sql/migration-guides/database/sql-server-to-sql-database-assessment-rules.md @@ -6,9 +6,9 @@ ms.subservice: migration-guide ms.custom: ms.devlang: ms.topic: how-to -author: MashaMSFT -ms.author: mathoma -ms.reviewer: MashaMSFT +author: mokabiru +ms.author: mokabiru +ms.reviewer: cawrites ms.date: 12/15/2020 --- # Assessment rules for SQL Server to Azure SQL Database migration diff --git a/azure-sql/migration-guides/database/sql-server-to-sql-database-guide.md b/azure-sql/migration-guides/database/sql-server-to-sql-database-guide.md index ad931cd9f1d..725ac0b9e9e 100644 --- a/azure-sql/migration-guides/database/sql-server-to-sql-database-guide.md +++ b/azure-sql/migration-guides/database/sql-server-to-sql-database-guide.md @@ -8,7 +8,7 @@ ms.devlang: ms.topic: how-to author: mokabiru ms.author: mokabiru -ms.reviewer: MashaMSFT +ms.reviewer: cawrites ms.date: 03/19/2021 --- # Migration guide: SQL Server to Azure SQL Database diff --git a/azure-sql/migration-guides/database/sql-server-to-sql-database-overview.md b/azure-sql/migration-guides/database/sql-server-to-sql-database-overview.md index 5ce15949f36..2ec43703f56 100644 --- a/azure-sql/migration-guides/database/sql-server-to-sql-database-overview.md +++ b/azure-sql/migration-guides/database/sql-server-to-sql-database-overview.md @@ -8,7 +8,7 @@ ms.devlang: ms.topic: how-to author: mokabiru ms.author: mokabiru -ms.reviewer: MashaMSFT +ms.reviewer: cawrites ms.date: 11/06/2020 --- # Migration overview: SQL Server to Azure SQL Database diff --git a/azure-sql/migration-guides/index.yml b/azure-sql/migration-guides/index.yml index 40afb8ec486..cff046a1ed1 100644 --- a/azure-sql/migration-guides/index.yml +++ b/azure-sql/migration-guides/index.yml @@ -8,13 +8,13 @@ metadata: description: "Find documentation to help you migrate to Azure SQL, which is a family of SQL Server database engine products in the cloud, from a fully managed database in Azure SQL Database, a fully managed instance in Azure SQL Managed Instance, or SQL Server installed to a virtual machine in Azure." services: sql-database ms.service: sql-database - ms.subservice: service + ms.subservice: migration-guide ms.tgt_pltfrm: na ms.devlang: ms.topic: landing-page - author: MashaMSFT - ms.author: mathoma - ms.reviewer: sstein + author: mokabiru + ms.author: mokabiru + ms.reviewer: cawrites ms.date: 11/06/2020 # linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new diff --git a/azure-sql/migration-guides/managed-instance/db2-to-managed-instance-guide.md b/azure-sql/migration-guides/managed-instance/db2-to-managed-instance-guide.md index 86dfffde31d..768a04cee6e 100644 --- a/azure-sql/migration-guides/managed-instance/db2-to-managed-instance-guide.md +++ b/azure-sql/migration-guides/managed-instance/db2-to-managed-instance-guide.md @@ -8,7 +8,7 @@ ms.devlang: ms.topic: how-to author: mokabiru ms.author: mokabiru -ms.reviewer: MashaMSFT +ms.reviewer: cawrites ms.date: 05/14/2021 --- # Migration guide: IBM Db2 to Azure SQL Managed Instance diff --git a/azure-sql/migration-guides/managed-instance/oracle-to-managed-instance-guide.md b/azure-sql/migration-guides/managed-instance/oracle-to-managed-instance-guide.md index 48c85dfa4cb..ec687709f9d 100644 --- a/azure-sql/migration-guides/managed-instance/oracle-to-managed-instance-guide.md +++ b/azure-sql/migration-guides/managed-instance/oracle-to-managed-instance-guide.md @@ -8,7 +8,7 @@ ms.devlang: ms.topic: how-to author: mokabiru ms.author: mokabiru -ms.reviewer: MashaMSFT +ms.reviewer: cawrites ms.date: 11/06/2020 --- # Migration guide: Oracle to Azure SQL Managed Instance diff --git a/azure-sql/migration-guides/managed-instance/sql-server-to-managed-instance-guide.md b/azure-sql/migration-guides/managed-instance/sql-server-to-managed-instance-guide.md index 7ff87c4993c..e05002da5bf 100644 --- a/azure-sql/migration-guides/managed-instance/sql-server-to-managed-instance-guide.md +++ b/azure-sql/migration-guides/managed-instance/sql-server-to-managed-instance-guide.md @@ -8,7 +8,7 @@ ms.devlang: ms.topic: how-to author: mokabiru ms.author: mokabiru -ms.reviewer: MashaMSFT +ms.reviewer: cawrites ms.date: 11/06/2020 --- # Migration guide: SQL Server to Azure SQL Managed Instance diff --git a/azure-sql/migration-guides/managed-instance/sql-server-to-managed-instance-overview.md b/azure-sql/migration-guides/managed-instance/sql-server-to-managed-instance-overview.md index ee70ba3c318..4958a9c9bd5 100644 --- a/azure-sql/migration-guides/managed-instance/sql-server-to-managed-instance-overview.md +++ b/azure-sql/migration-guides/managed-instance/sql-server-to-managed-instance-overview.md @@ -8,7 +8,7 @@ ms.devlang: ms.topic: how-to author: mokabiru ms.author: mokabiru -ms.reviewer: MashaMSFT +ms.reviewer: cawrites ms.date: 02/18/2020 --- # Migration overview: SQL Server to Azure SQL Managed Instance diff --git a/azure-sql/migration-guides/managed-instance/sql-server-to-managed-instance-performance-baseline.md b/azure-sql/migration-guides/managed-instance/sql-server-to-managed-instance-performance-baseline.md index c7740cfa4dc..e46a56461ba 100644 --- a/azure-sql/migration-guides/managed-instance/sql-server-to-managed-instance-performance-baseline.md +++ b/azure-sql/migration-guides/managed-instance/sql-server-to-managed-instance-performance-baseline.md @@ -6,9 +6,9 @@ ms.subservice: migration-guide ms.custom: ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: mokabiru +author: mokabiru +ms.author: mokabiru +ms.reviewer: mathoma ms.date: 11/06/2020 --- # Migration performance: SQL Server to Azure SQL Managed Instance performance baseline diff --git a/azure-sql/migration-guides/managed-instance/sql-server-to-sql-managed-instance-assessment-rules.md b/azure-sql/migration-guides/managed-instance/sql-server-to-sql-managed-instance-assessment-rules.md index 5379bf9ffa6..106fa67bce8 100644 --- a/azure-sql/migration-guides/managed-instance/sql-server-to-sql-managed-instance-assessment-rules.md +++ b/azure-sql/migration-guides/managed-instance/sql-server-to-sql-managed-instance-assessment-rules.md @@ -6,9 +6,9 @@ ms.subservice: migration-guide ms.custom: ms.devlang: ms.topic: how-to -author: MashaMSFT -ms.author: mathoma -ms.reviewer: MashaMSFT +author: mokabiru +ms.author: mokabiru +ms.reviewer: cawrites ms.date: 12/15/2020 --- # Assessment rules for SQL Server to Azure SQL Managed Instance migration diff --git a/azure-sql/migration-guides/virtual-machines/db2-to-sql-on-azure-vm-guide.md b/azure-sql/migration-guides/virtual-machines/db2-to-sql-on-azure-vm-guide.md index 197c84842d6..b09bc2aa212 100644 --- a/azure-sql/migration-guides/virtual-machines/db2-to-sql-on-azure-vm-guide.md +++ b/azure-sql/migration-guides/virtual-machines/db2-to-sql-on-azure-vm-guide.md @@ -8,7 +8,7 @@ ms.devlang: ms.topic: how-to author: markjones-msft ms.author: markjon -ms.reviewer: mathoma +ms.reviewer: chadam ms.date: 05/14/2021 --- # Migration guide: IBM Db2 to SQL Server on Azure VM diff --git a/azure-sql/migration-guides/virtual-machines/media/sql-server-to-sql-on-azure-vm-individual-databases-guide/virtual-machine-migration-downtime.png b/azure-sql/migration-guides/virtual-machines/media/sql-server-to-sql-on-azure-vm-individual-databases-guide/virtual-machine-migration-downtime.png index e3d5e94a97a..cfc200801d5 100644 Binary files a/azure-sql/migration-guides/virtual-machines/media/sql-server-to-sql-on-azure-vm-individual-databases-guide/virtual-machine-migration-downtime.png and b/azure-sql/migration-guides/virtual-machines/media/sql-server-to-sql-on-azure-vm-individual-databases-guide/virtual-machine-migration-downtime.png differ diff --git a/azure-sql/migration-guides/virtual-machines/oracle-to-sql-on-azure-vm-guide.md b/azure-sql/migration-guides/virtual-machines/oracle-to-sql-on-azure-vm-guide.md index 426b67d8af5..1b396c3563a 100644 --- a/azure-sql/migration-guides/virtual-machines/oracle-to-sql-on-azure-vm-guide.md +++ b/azure-sql/migration-guides/virtual-machines/oracle-to-sql-on-azure-vm-guide.md @@ -8,7 +8,7 @@ ms.devlang: ms.topic: how-to author: mokabiru ms.author: mokabiru -ms.reviewer: MashaMSFT +ms.reviewer: cawrites ms.date: 11/06/2020 --- # Migration guide: Oracle to SQL Server on Azure Virtual Machines diff --git a/azure-sql/migration-guides/virtual-machines/sql-server-availability-group-to-sql-on-azure-vm.md b/azure-sql/migration-guides/virtual-machines/sql-server-availability-group-to-sql-on-azure-vm.md index f6eede2c978..4957877032a 100644 --- a/azure-sql/migration-guides/virtual-machines/sql-server-availability-group-to-sql-on-azure-vm.md +++ b/azure-sql/migration-guides/virtual-machines/sql-server-availability-group-to-sql-on-azure-vm.md @@ -43,7 +43,7 @@ Prepare Azure for migration with the [Server Migration tool](../../../migrate/mi |--- | --- |**Create an Azure Migrate project** | Your Azure account needs Contributor or Owner permissions to [create a new project](../../../migrate/create-manage-projects.md).| |**Verify permissions for your Azure account** | Your Azure account needs Contributor or Owner permissions on the Azure subscription, permissions to register Azure Active Directory (AAD) apps, and User Access Administrator permissions on the Azure subscription to create a Key Vault, to create a VM, and to write to an Azure managed disk. | -|**Set up an Azure virtual network** | [Setup](/virtual-network/manage-virtual-network.md#create-a-virtual-network) an Azure virtual network (VNet). When you replicate to Azure, Azure VMs are created and joined to the Azure VNet that you specify when you set up migration.| +|**Set up an Azure virtual network** | [Setup](/azure/virtual-network/virtual-networks-overview#create-a-virtual-network) an Azure virtual network (VNet). When you replicate to Azure, Azure VMs are created and joined to the Azure VNet that you specify when you set up migration.| To check you have proper permissions, follow these steps: @@ -132,7 +132,7 @@ To install the Mobility service, follow these steps: 1. Sign in to the replication appliance. 1. Navigate to **%ProgramData%\ASR\home\svsystems\pushinstallsvc\repository**. -1. Find the installer for the machine operating system and version. Review [supported operating systems](/site-recovery/vmware-physical-azure-support-matrix.md#replicated-machines). +1. Find the installer for the machine operating system and version. Review [supported operating systems](/azure/site-recovery/vmware-physical-azure-support-matrix#replicated-machines). 1. Copy the installer file to the machine you want to migrate. 1. Make sure that you have the passphrase that was generated when you deployed the appliance. - Store the file in a temporary text file on the machine. @@ -291,7 +291,7 @@ After machines are replicated, they are ready for migration. To migrate your ser ![Replicating servers](../../../migrate/media/tutorial-migrate-physical-virtual-machines/replicate-servers.png) -2. To ensure the migrated server is synchronized with the source server, stop the SQL Server service on every replica in the availability group, starting with secondary replicas (in **SQL Server Configuration Manager** > **Services) while ensuring the disks hosting SQL data are online. +2. To ensure the migrated server is synchronized with the source server, stop the SQL Server service on every replica in the availability group, starting with secondary replicas (in **SQL Server Configuration Manager** > **Services**) while ensuring the disks hosting SQL data are online. 3. In **Replicating machines** > select server name > **Overview**, ensure that the last synchronized timestamp is after you have stopped the SQL Server service on the servers to be migrated before you move onto the next step. This should only take a few minutes. 2. In **Replicating machines**, right-click the VM > **Migrate**. 3. In **Migrate** > **Shut down virtual machines and perform a planned migration with no data loss**, select **No** > **OK**. @@ -322,7 +322,7 @@ Your Always On availability group is ready. - Stops replication for the on-premises machine. - Removes the machine from the **Replicating servers** count in Azure Migrate: Server Migration. - Cleans up replication state information for the machine. -2. Install the Azure VM [Windows](/virtual-machines/extensions/agent-windows.md) agent on the migrated machines. +2. Install the Azure VM [Windows](/azure/virtual-machines/extensions/agent-windows) agent on the migrated machines. 3. Perform any post-migration app tweaks, such as updating database connection strings, and web server configurations. 4. Perform final application and migration acceptance testing on the migrated application now running in Azure. 5. Cut over traffic to the migrated Azure VM instance. @@ -350,4 +350,4 @@ Your Always On availability group is ready. ## Next steps -Investigate the [cloud migration journey](/azure/architecture/cloud-adoption/getting-started/migrate) in the Azure Cloud Adoption Framework. \ No newline at end of file +Investigate the [cloud migration journey](/azure/architecture/cloud-adoption/getting-started/migrate) in the Azure Cloud Adoption Framework. diff --git a/azure-sql/migration-guides/virtual-machines/sql-server-failover-cluster-instance-to-sql-on-azure-vm.md b/azure-sql/migration-guides/virtual-machines/sql-server-failover-cluster-instance-to-sql-on-azure-vm.md index fc26b9379c7..89278f80622 100644 --- a/azure-sql/migration-guides/virtual-machines/sql-server-failover-cluster-instance-to-sql-on-azure-vm.md +++ b/azure-sql/migration-guides/virtual-machines/sql-server-failover-cluster-instance-to-sql-on-azure-vm.md @@ -40,7 +40,7 @@ Prepare Azure for migration with Server Migration. **Task** | **Details** --- | --- -**Create an Azure Migrate project** | Your Azure account needs Contributor or Owner permissions to [create a new project](https://docs.microsoft.com/azure/migrate/create-manage-projects). +**Create an Azure Migrate project** | Your Azure account needs Contributor or Owner permissions to [create a new project](/azure/migrate/create-manage-projects). **Verify permissions for your Azure account** | Your Azure account needs Contributor or Owner permissions on the Azure subscription, permissions to register Azure Active Directory (AAD) apps, and User Access Administrator permissions on the Azure subscription to create a Key Vault, to create a VM, and to write to an Azure managed disk. **Set up an Azure virtual network** | [Setup](../../../virtual-network/manage-virtual-network.md#create-a-virtual-network) an Azure virtual network (VNet). When you replicate to Azure, Azure VMs are created and joined to the Azure VNet that you specify when you set up migration. @@ -128,7 +128,7 @@ To install the Mobility service, follow these steps: 1. Sign in to the replication appliance. 2. Navigate to **%ProgramData%\ASR\home\svsystems\pushinstallsvc\repository**. -3. Find the installer for the machine operating system and version. Review [supported operating systems](/site-recovery/vmware-physical-azure-support-matrix.md#replicated-machines). +3. Find the installer for the machine operating system and version. Review [supported operating systems](/azure/site-recovery/vmware-physical-azure-support-matrix#replicated-machines). 4. Copy the installer file to the machine you want to migrate. 5. Make sure that you have the passphrase that was generated when you deployed the appliance. - Store the file in a temporary text file on the machine. @@ -350,7 +350,7 @@ Your SQL Server failover cluster instance is ready. - Stops replication for the on-premises machine. - Removes the machine from the **Replicating servers** count in Azure Migrate: Server Migration. - Cleans up replication state information for the machine. -1. Install the Azure VM [Windows](/virtual-machines/extensions/agent-windows.md) agent on the migrated machines. +1. Install the Azure VM [Windows](/azure/virtual-machines/extensions/agent-windows) agent on the migrated machines. 1. Perform any post-migration app tweaks, such as updating database connection strings, and web server configurations. 1. Perform final application and migration acceptance testing on the migrated application now running in Azure. 1. Cut over traffic to the migrated Azure VM instance. diff --git a/azure-sql/migration-guides/virtual-machines/sql-server-to-sql-on-azure-vm-individual-databases-guide.md b/azure-sql/migration-guides/virtual-machines/sql-server-to-sql-on-azure-vm-individual-databases-guide.md index beb1fd88cc3..d65d14d9a14 100644 --- a/azure-sql/migration-guides/virtual-machines/sql-server-to-sql-on-azure-vm-individual-databases-guide.md +++ b/azure-sql/migration-guides/virtual-machines/sql-server-to-sql-on-azure-vm-individual-databases-guide.md @@ -8,7 +8,7 @@ ms.devlang: ms.topic: how-to author: markjones-msft ms.author: markjon -ms.reviewer: mathoma +ms.reviewer: chadam ms.date: 03/19/2021 --- @@ -114,7 +114,7 @@ To perform a standard migration by using backup and restore: 1. Pause or stop any applications that are using databases intended for migration. 1. Ensure user databases are inactive by using [single user mode](/sql/relational-databases/databases/set-a-database-to-single-user-mode). 1. Perform a full database backup to an on-premises location. -1. Copy your on-premises backup files to your VM by using a remote desktop, [Azure Data Explorer](/azure/data-explorer/data-explorer-overview), or the [AZCopy command-line utility](../../../storage/common/storage-use-azcopy-v10.md). (Greater than 2-TB backups are recommended.) +1. Copy your on-premises backup files to your VM by using a remote desktop, [Azure Data Explorer](/azure/data-explorer/data-explorer-overview), or the [AzCopy command-line utility](../../../storage/common/storage-use-azcopy-v10.md). (Greater than 2-TB backups are recommended.) 1. Restore full database backups to the SQL Server on Azure Virtual Machines. ### Log shipping (minimize downtime) @@ -124,7 +124,7 @@ To perform a minimal downtime migration by using backup and restore and log ship 1. Set up connectivity to the SQL Server on Azure Virtual Machines based on your requirements. For more information, see [Connect to a SQL Server virtual machine on Azure (Resource Manager)](../../virtual-machines/windows/ways-to-connect-to-sql.md). 1. Ensure on-premises user databases to be migrated are in full or bulk-logged recovery model. 1. Perform a full database backup to an on-premises location, and modify any existing full database backups jobs to use the [COPY_ONLY](/sql/relational-databases/backup-restore/copy-only-backups-sql-server) keyword to preserve the log chain. -1. Copy your on-premises backup files to your VM by using a remote desktop, [Azure Data Explorer](/azure/data-explorer/data-explorer-overview), or the [AZCopy command-line utility](../../../storage/common/storage-use-azcopy-v10.md). (Greater than 1-TB backups are recommended.) +1. Copy your on-premises backup files to your VM by using a remote desktop, [Azure Data Explorer](/azure/data-explorer/data-explorer-overview), or the [AzCopy command-line utility](../../../storage/common/storage-use-azcopy-v10.md). (Greater than 1-TB backups are recommended.) 1. Restore full database backups on SQL Server on Azure Virtual Machines. 1. Set up [log shipping](/sql/database-engine/log-shipping/configure-log-shipping-sql-server) between the on-premises database and SQL Server on Azure Virtual Machines. Be sure not to reinitialize the databases because this task was already completed in the previous steps. 1. Cut over to the target server. @@ -209,4 +209,4 @@ For more information about these issues and the steps to mitigate them, see: - [Get free extended support for SQL Server 2008 and SQL Server 2008 R2](../../virtual-machines/windows/sql-server-2008-extend-end-of-support.md) - To assess the application access layer, see [Data Access Migration Toolkit (preview)](https://marketplace.visualstudio.com/items?itemName=ms-databasemigration.data-access-migration-toolkit). -- For information about how to perform A/B testing for the data access layer, see [Overview of Database Experimentation Assistant](/sql/dea/database-experimentation-assistant-overview). \ No newline at end of file +- For information about how to perform A/B testing for the data access layer, see [Overview of Database Experimentation Assistant](/sql/dea/database-experimentation-assistant-overview). diff --git a/azure-sql/migration-guides/virtual-machines/sql-server-to-sql-on-azure-vm-migration-overview.md b/azure-sql/migration-guides/virtual-machines/sql-server-to-sql-on-azure-vm-migration-overview.md index 8fc88f82c67..78726edf28d 100644 --- a/azure-sql/migration-guides/virtual-machines/sql-server-to-sql-on-azure-vm-migration-overview.md +++ b/azure-sql/migration-guides/virtual-machines/sql-server-to-sql-on-azure-vm-migration-overview.md @@ -8,7 +8,7 @@ ms.devlang: ms.topic: how-to author: markjones-msft ms.author: markjon -ms.reviewer: mathoma +ms.reviewer: chadam ms.date: 11/06/2020 --- diff --git a/azure-sql/multi-model-features.md b/azure-sql/multi-model-features.md index 147098592ca..dc98160e436 100644 --- a/azure-sql/multi-model-features.md +++ b/azure-sql/multi-model-features.md @@ -3,13 +3,13 @@ title: Multi-model capabilities description: Microsoft Azure SQL enables you to work with multiple data models in the same database. services: sql-database ms.service: sql-db-mi -ms.subservice: features +ms.subservice: service-overview ms.custom: sqldbrb=2 ms.devlang: ms.topic: conceptual author: jovanpop-msft ms.author: jovanpop -ms.reviewer: +ms.reviewer: mathoma ms.date: 12/17/2018 --- # Multi-model capabilities of Azure SQL Database & SQL Managed Instance diff --git a/azure-sql/performance-improve-use-batching.md b/azure-sql/performance-improve-use-batching.md index 2444c3af34a..565a63ef12e 100644 --- a/azure-sql/performance-improve-use-batching.md +++ b/azure-sql/performance-improve-use-batching.md @@ -3,13 +3,13 @@ title: How to use batching to improve application performance description: The topic provides evidence that batching database operations greatly improves the speed and scalability of your Azure SQL Database and Azure SQL Managed Instance applications. Although these batching techniques work for any SQL database, the focus of the article is on Azure. services: sql-database ms.service: sql-database -ms.subservice: development +ms.subservice: performance ms.custom: sqldbrb=2 ms.devlang: ms.topic: how-to -author: stevestein -ms.author: sstein -ms.reviewer: genemi +author: WilliamDAssafMSFT +ms.author: wiassaf +ms.reviewer: mathoma ms.date: 01/25/2019 --- # How to use batching to improve Azure SQL Database and Azure SQL Managed Instance application performance diff --git a/azure-sql/public-data-sets.md b/azure-sql/public-data-sets.md index 4083dea6285..d3a5da81822 100644 --- a/azure-sql/public-data-sets.md +++ b/azure-sql/public-data-sets.md @@ -7,9 +7,9 @@ ms.subservice: development ms.custom: sqldbrb=2 ms.devlang: ms.topic: reference -author: stevestein -ms.author: sstein -ms.reviewer: +author: VanMSFT +ms.author: vanto +ms.reviewer: mathoma ms.date: 10/01/2018 --- # Public data sets for testing and prototyping diff --git a/azure-sql/temporal-tables.md b/azure-sql/temporal-tables.md index e9b42d6bf77..e0f85941b93 100644 --- a/azure-sql/temporal-tables.md +++ b/azure-sql/temporal-tables.md @@ -3,13 +3,13 @@ title: Getting started with temporal tables description: Learn how to get started with using temporal tables in Azure SQL Database and Azure SQL Managed Instance. services: sql-database ms.service: sql-db-mi -ms.subservice: development +ms.subservice: performance ms.custom: sqldbrb=2 ms.devlang: ms.topic: how-to -author: bonova -ms.author: bonova -ms.reviewer: sstein +author: MladjoA +ms.author: mlandzic +ms.reviewer: mathoma ms.date: 06/26/2019 --- # Getting started with temporal tables in Azure SQL Database and Azure SQL Managed Instance diff --git a/azure-sql/toc.yml b/azure-sql/toc.yml index 328d5d9c60f..1980dc6b2b7 100644 --- a/azure-sql/toc.yml +++ b/azure-sql/toc.yml @@ -315,6 +315,9 @@ - name: ARM template displayName: Resource Manager href: database/single-database-create-arm-template-quickstart.md + - name: With ledger and digest storage + displayName: Create Azure SQL Database with ledger + href: database/ledger-create-a-single-database-with-ledger-enabled.md - name: Configure items: - name: Server-level IP firewall rules @@ -460,14 +463,32 @@ href: database/auditing-overview.md - name: Audit log format href: database/audit-log-format.md - - name: Network access controls - href: database/network-access-controls-overview.md - name: DNS aliases href: database/dns-alias-overview.md - - name: VNet endpoints - href: database/vnet-service-endpoint-rule-overview.md + - name: Ledger + items: + - name: Ledger + href: database/ledger-landing.yml + - name: Ledger overview + href: database/ledger-overview.md + - name: Database ledger + href: database/ledger-database-ledger.md + - name: Updatable ledger tables + href: database/ledger-updatable-ledger-tables.md + - name: Append-only ledger tables + href: database/ledger-append-only-ledger-tables.md + - name: Digest management and database verification + href: database/ledger-digest-management-and-database-verification.md + - name: Ledger auditing + href: database/ledger-audit.md + - name: Ledger limitations + href: database/ledger-limits.md + - name: Network access controls + href: database/network-access-controls-overview.md - name: Private Link href: database/private-endpoint-overview.md + - name: VNet endpoints + href: database/vnet-service-endpoint-rule-overview.md - name: Database sharding items: @@ -551,6 +572,17 @@ href: database/dynamic-data-masking-configure-portal.md - name: IP-based firewall href: database/firewall-configure.md + - name: Ledger + items: + - name: Create append-only ledger tables + href: database/ledger-how-to-append-only-ledger-tables.md + - name: Create updatable ledger tables + href: database/ledger-how-to-updatable-ledger-tables.md + - name: Access Azure Confidential Ledger digest + displayName: Access Azure Confidential Ledger digest + href: database/ledger-how-to-access-acl-digest.md + - name: Verify ledger database for tampering + href: database/ledger-verify-database.md - name: vNet endpoints - PowerShell href: database/scripts/vnet-service-endpoint-rule-powershell-create.md @@ -1174,8 +1206,8 @@ href: virtual-machines/windows/azure-key-vault-integration-configure.md - name: Migrate storage to UltraSSD href: virtual-machines/windows/storage-migrate-to-ultradisk.md - - name: Enable SQL Vulnerability Assessment - href: virtual-machines/windows/sql-vulnerability-assessment-enable.md + - name: Enable SQL vulnerability assessments + href: ../security-center/defender-for-sql-on-machines-vulnerability-assessment.md - name: Install SQL IaaS Agent extension displayName: resource provider, registration, sql vm rp items: diff --git a/azure-sql/updates/ssl-root-certificate-expiring.md b/azure-sql/updates/ssl-root-certificate-expiring.md index 78e1127678d..0176bcd4f9a 100644 --- a/azure-sql/updates/ssl-root-certificate-expiring.md +++ b/azure-sql/updates/ssl-root-certificate-expiring.md @@ -4,7 +4,7 @@ description: Learn about the upcoming changes of root certificate changes that w author: srdan-bozovic-msft ms.author: srbozovi ms.service: sql-db-mi -ms.subservice: service +ms.subservice: security ms.topic: conceptual ms.date: 09/13/2020 --- diff --git a/azure-sql/virtual-machines/index.yml b/azure-sql/virtual-machines/index.yml index ff613186ae0..1ee3ee21c79 100644 --- a/azure-sql/virtual-machines/index.yml +++ b/azure-sql/virtual-machines/index.yml @@ -8,6 +8,7 @@ metadata: description: Find documentation about SQL Server installed to Azure virtual machines, both Windows and Linux. services: virtual-machines-sql ms.service: virtual-machines-sql + ms.subservice: service-overview ms.topic: landing-page author: MashaMSFT ms.author: mathoma diff --git a/azure-sql/virtual-machines/windows/automated-backup-sql-2014.md b/azure-sql/virtual-machines/windows/automated-backup-sql-2014.md index 878d6123b14..c426e8c4d8f 100644 --- a/azure-sql/virtual-machines/windows/automated-backup-sql-2014.md +++ b/azure-sql/virtual-machines/windows/automated-backup-sql-2014.md @@ -14,7 +14,8 @@ ms.tgt_pltfrm: vm-windows-sql-server ms.workload: iaas-sql-server ms.date: 05/03/2018 ms.author: mathoma -ms.reviewer: jroth +ms.reviewer: jroth +ms.custom: devx-track-azurepowershell --- # Automated Backup for SQL Server 2014 virtual machines (Resource Manager) @@ -276,4 +277,4 @@ You can find additional backup and restore guidance for SQL Server on Azure VMs For information about other available automation tasks, see [SQL Server IaaS Agent Extension](sql-server-iaas-agent-extension-automate-management.md). -For more information about running SQL Server on Azure VMs, see [SQL Server on Azure virtual machines overview](sql-server-on-azure-vm-iaas-what-is-overview.md). \ No newline at end of file +For more information about running SQL Server on Azure VMs, see [SQL Server on Azure virtual machines overview](sql-server-on-azure-vm-iaas-what-is-overview.md). diff --git a/azure-sql/virtual-machines/windows/automated-backup.md b/azure-sql/virtual-machines/windows/automated-backup.md index a1be8c3c6bf..a92ebae099e 100644 --- a/azure-sql/virtual-machines/windows/automated-backup.md +++ b/azure-sql/virtual-machines/windows/automated-backup.md @@ -14,7 +14,8 @@ ms.tgt_pltfrm: vm-windows-sql-server ms.workload: iaas-sql-server ms.date: 05/03/2018 ms.author: mathoma -ms.reviewer: jroth +ms.reviewer: jroth +ms.custom: devx-track-azurepowershell --- # Automated Backup v2 for Azure virtual machines (Resource Manager) @@ -324,4 +325,4 @@ You can find additional backup and restore guidance for SQL Server on Azure VMs For information about other available automation tasks, see [SQL Server IaaS Agent Extension](sql-server-iaas-agent-extension-automate-management.md). -For more information about running SQL Server on Azure VMs, see [SQL Server on Azure virtual machines overview](sql-server-on-azure-vm-iaas-what-is-overview.md). \ No newline at end of file +For more information about running SQL Server on Azure VMs, see [SQL Server on Azure virtual machines overview](sql-server-on-azure-vm-iaas-what-is-overview.md). diff --git a/azure-sql/virtual-machines/windows/automated-patching.md b/azure-sql/virtual-machines/windows/automated-patching.md index ed2e664730d..6c978ebb984 100644 --- a/azure-sql/virtual-machines/windows/automated-patching.md +++ b/azure-sql/virtual-machines/windows/automated-patching.md @@ -15,7 +15,8 @@ ms.tgt_pltfrm: vm-windows-sql-server ms.workload: iaas-sql-server ms.date: 03/07/2018 ms.author: mathoma -ms.reviewer: jroth +ms.reviewer: jroth +ms.custom: devx-track-azurepowershell --- # Automated Patching for SQL Server on Azure virtual machines (Resource Manager) [!INCLUDE[appliesto-sqlvm](../../includes/appliesto-sqlvm.md)] diff --git a/azure-sql/virtual-machines/windows/availability-group-az-commandline-configure.md b/azure-sql/virtual-machines/windows/availability-group-az-commandline-configure.md index f327c673463..7394e602987 100644 --- a/azure-sql/virtual-machines/windows/availability-group-az-commandline-configure.md +++ b/azure-sql/virtual-machines/windows/availability-group-az-commandline-configure.md @@ -14,7 +14,7 @@ ms.workload: iaas-sql-server ms.date: 08/20/2020 ms.author: mathoma ms.reviewer: jroth -ms.custom: "seo-lt-2019, devx-track-azurecli" +ms.custom: "seo-lt-2019, devx-track-azurecli, devx-track-azurepowershell" --- # Use PowerShell or Az CLI to configure an availability group for SQL Server on Azure VM @@ -523,4 +523,4 @@ For more information, see the following articles: * [Administration of an availability group (SQL Server)](/sql/database-engine/availability-groups/windows/administration-of-an-availability-group-sql-server) * [Monitoring of availability groups (SQL Server)](/sql/database-engine/availability-groups/windows/monitoring-of-availability-groups-sql-server) * [Overview of Transact-SQL statements for Always On availability groups (SQL Server)](/sql/database-engine/availability-groups/windows/transact-sql-statements-for-always-on-availability-groups) -* [Overview of PowerShell cmdlets for Always On availability groups (SQL Server)](/sql/database-engine/availability-groups/windows/overview-of-powershell-cmdlets-for-always-on-availability-groups-sql-server) \ No newline at end of file +* [Overview of PowerShell cmdlets for Always On availability groups (SQL Server)](/sql/database-engine/availability-groups/windows/overview-of-powershell-cmdlets-for-always-on-availability-groups-sql-server) diff --git a/azure-sql/virtual-machines/windows/availability-group-azure-portal-configure.md b/azure-sql/virtual-machines/windows/availability-group-azure-portal-configure.md index 98405857359..446c2bf7d19 100644 --- a/azure-sql/virtual-machines/windows/availability-group-azure-portal-configure.md +++ b/azure-sql/virtual-machines/windows/availability-group-azure-portal-configure.md @@ -14,7 +14,7 @@ ms.workload: iaas-sql-server ms.date: 08/20/2020 ms.author: mathoma ms.reviewer: jroth -ms.custom: "seo-lt-2019, devx-track-azurecli" +ms.custom: "seo-lt-2019, devx-track-azurecli, devx-track-azurepowershell" --- # Use Azure portal to configure an availability group (Preview) for SQL Server on Azure VM diff --git a/azure-sql/virtual-machines/windows/availability-group-listener-powershell-configure.md b/azure-sql/virtual-machines/windows/availability-group-listener-powershell-configure.md index f3852a49817..2072ba7b090 100644 --- a/azure-sql/virtual-machines/windows/availability-group-listener-powershell-configure.md +++ b/azure-sql/virtual-machines/windows/availability-group-listener-powershell-configure.md @@ -13,7 +13,7 @@ ms.tgt_pltfrm: vm-windows-sql-server ms.workload: iaas-sql-server ms.date: 02/06/2019 ms.author: mathoma -ms.custom: "seo-lt-2019" +ms.custom: "seo-lt-2019, devx-track-azurepowershell" --- # Configure one or more Always On availability group listeners - Resource Manager @@ -247,4 +247,4 @@ Use the following PowerShell cmdlets to create an internal load balancer for Azu * [New-AzLoadBalancerRuleConfig](/powershell/module/Azurerm.Network/New-AzureRmLoadBalancerRuleConfig) creates a rule configuration for a load balancer. * [New-AzLoadBalancerBackendAddressPoolConfig](/powershell/module/Azurerm.Network/New-AzureRmLoadBalancerBackendAddressPoolConfig) creates a backend address pool configuration for a load balancer. * [New-AzLoadBalancerProbeConfig](/powershell/module/Azurerm.Network/New-AzureRmLoadBalancerProbeConfig) creates a probe configuration for a load balancer. -* [Remove-AzLoadBalancer](/powershell/module/Azurerm.Network/Remove-AzureRmLoadBalancer) removes a load balancer from an Azure resource group. \ No newline at end of file +* [Remove-AzLoadBalancer](/powershell/module/Azurerm.Network/Remove-AzureRmLoadBalancer) removes a load balancer from an Azure resource group. diff --git a/azure-sql/virtual-machines/windows/availability-group-quickstart-template-configure.md b/azure-sql/virtual-machines/windows/availability-group-quickstart-template-configure.md index d8a488568f2..b196e1c949f 100644 --- a/azure-sql/virtual-machines/windows/availability-group-quickstart-template-configure.md +++ b/azure-sql/virtual-machines/windows/availability-group-quickstart-template-configure.md @@ -15,7 +15,7 @@ ms.workload: iaas-sql-server ms.date: 01/04/2019 ms.author: mathoma ms.reviewer: jroth -ms.custom: "seo-lt-2019" +ms.custom: "seo-lt-2019, devx-track-azurepowershell" --- # Use Azure quickstart templates to configure an availability group for SQL Server on Azure VM @@ -229,4 +229,4 @@ For more information, see the following articles: * [FAQ for SQL Server VMs](frequently-asked-questions-faq.md) * [Pricing guidance for SQL Server VMs](pricing-guidance.md) * [Release notes for SQL Server VMs](../../database/doc-changes-updates-release-notes.md) -* [Switching licensing models for a SQL Server VM](licensing-model-azure-hybrid-benefit-ahb-change.md) \ No newline at end of file +* [Switching licensing models for a SQL Server VM](licensing-model-azure-hybrid-benefit-ahb-change.md) diff --git a/azure-sql/virtual-machines/windows/create-sql-vm-resource-manager-template.md b/azure-sql/virtual-machines/windows/create-sql-vm-resource-manager-template.md index 32e8fc17e39..65d47bc7a16 100644 --- a/azure-sql/virtual-machines/windows/create-sql-vm-resource-manager-template.md +++ b/azure-sql/virtual-machines/windows/create-sql-vm-resource-manager-template.md @@ -3,7 +3,7 @@ title: Create SQL Server VM using an ARM template description: Learn how to create a SQL Server on Azure Virtual Machine (VM) by using an Azure Resource Manager template (ARM template). author: MashaMSFT ms.topic: quickstart -ms.custom: subject-armqs +ms.custom: subject-armqs, devx-track-azurepowershell ms.author: mathoma ms.date: 06/29/2020 ms.service: virtual-machines-sql @@ -122,4 +122,4 @@ For other ways to deploy a SQL Server VM, see: - [Azure portal](create-sql-vm-portal.md) - [PowerShell](create-sql-vm-powershell.md) -To learn more, see [an overview of SQL Server on Azure VMs](sql-server-on-azure-vm-iaas-what-is-overview.md). \ No newline at end of file +To learn more, see [an overview of SQL Server on Azure VMs](sql-server-on-azure-vm-iaas-what-is-overview.md). diff --git a/azure-sql/virtual-machines/windows/doc-changes-updates-release-notes.md b/azure-sql/virtual-machines/windows/doc-changes-updates-release-notes.md index 2427d41e3b6..94381065804 100644 --- a/azure-sql/virtual-machines/windows/doc-changes-updates-release-notes.md +++ b/azure-sql/virtual-machines/windows/doc-changes-updates-release-notes.md @@ -7,6 +7,7 @@ ms.author: mathoma tags: azure-service-management ms.assetid: 2fa5ee6b-51a6-4237-805f-518e6c57d11b ms.service: virtual-machines-sql +ms.subservice: service-overview ms.topic: reference ms.tgt_pltfrm: vm-windows-sql-server ms.workload: iaas-sql-server diff --git a/azure-sql/virtual-machines/windows/failover-cluster-instance-azure-shared-disks-manually-configure.md b/azure-sql/virtual-machines/windows/failover-cluster-instance-azure-shared-disks-manually-configure.md index 2d129cfd956..e67efa23987 100644 --- a/azure-sql/virtual-machines/windows/failover-cluster-instance-azure-shared-disks-manually-configure.md +++ b/azure-sql/virtual-machines/windows/failover-cluster-instance-azure-shared-disks-manually-configure.md @@ -6,10 +6,9 @@ documentationCenter: na author: MashaMSFT editor: monicar tags: azure-service-management - ms.service: virtual-machines-sql - -ms.custom: na +ms.subservice: hadr +ms.custom: na, devx-track-azurepowershell ms.topic: how-to ms.tgt_pltfrm: vm-windows-sql-server ms.workload: iaas-sql-server diff --git a/azure-sql/virtual-machines/windows/failover-cluster-instance-premium-file-share-manually-configure.md b/azure-sql/virtual-machines/windows/failover-cluster-instance-premium-file-share-manually-configure.md index 37c800707cd..5cc050a7737 100644 --- a/azure-sql/virtual-machines/windows/failover-cluster-instance-premium-file-share-manually-configure.md +++ b/azure-sql/virtual-machines/windows/failover-cluster-instance-premium-file-share-manually-configure.md @@ -8,7 +8,7 @@ editor: monicar tags: azure-service-management ms.service: virtual-machines-sql ms.subservice: hadr -ms.custom: na +ms.custom: na, devx-track-azurepowershell ms.topic: how-to ms.tgt_pltfrm: vm-windows-sql-server ms.workload: iaas-sql-server diff --git a/azure-sql/virtual-machines/windows/failover-cluster-instance-storage-spaces-direct-manually-configure.md b/azure-sql/virtual-machines/windows/failover-cluster-instance-storage-spaces-direct-manually-configure.md index 7117a6a8597..c44ce441c12 100644 --- a/azure-sql/virtual-machines/windows/failover-cluster-instance-storage-spaces-direct-manually-configure.md +++ b/azure-sql/virtual-machines/windows/failover-cluster-instance-storage-spaces-direct-manually-configure.md @@ -8,7 +8,7 @@ editor: monicar tags: azure-service-management ms.service: virtual-machines-sql ms.subservice: hadr -ms.custom: na +ms.custom: na, devx-track-azurepowershell ms.topic: how-to ms.tgt_pltfrm: vm-windows-sql-server ms.workload: iaas-sql-server @@ -252,4 +252,4 @@ To learn more, see an overview of [FCI with SQL Server on Azure VMs](failover-cl For more information, see: - [Windows cluster technologies](/windows-server/failover-clustering/failover-clustering-overview) -- [SQL Server failover cluster instances](/sql/sql-server/failover-clusters/windows/always-on-failover-cluster-instances-sql-server) \ No newline at end of file +- [SQL Server failover cluster instances](/sql/sql-server/failover-clusters/windows/always-on-failover-cluster-instances-sql-server) diff --git a/azure-sql/virtual-machines/windows/frequently-asked-questions-faq.md b/azure-sql/virtual-machines/windows/frequently-asked-questions-faq.md index 5f5efa28b9a..59d7cb56e23 100644 --- a/azure-sql/virtual-machines/windows/frequently-asked-questions-faq.md +++ b/azure-sql/virtual-machines/windows/frequently-asked-questions-faq.md @@ -8,7 +8,7 @@ editor: '' tags: azure-service-management ms.assetid: 2fa5ee6b-51a6-4237-805f-518e6c57d11b ms.service: virtual-machines-sql - +ms.subservice: service-overview ms.topic: troubleshooting ms.tgt_pltfrm: vm-windows-sql-server ms.workload: iaas-sql-server @@ -224,7 +224,7 @@ This article provides answers to some of the most common questions about running 1. **Are SQL Server failover cluster instances (FCI) supported on Azure VMs?** - Yes. You can install a failover cluster instance using either [premium file shares (PFS)](failover-cluster-instance-premium-file-share-manually-configure.md) or [storage spaces direct (S2D)](failover-cluster-instance-storage-spaces-direct-manually-configure.md) for the storage subsystem. Premium file shares provide IOPS and throughput capacities that will meet the needs of many workloads. For IO-intensive workloads, consider using storage spaces direct based on manged premium or ultra-disks. Alternatively, you can use third-party clustering or storage solutions as described in [High availability and disaster recovery for SQL Server on Azure Virtual Machines](business-continuity-high-availability-disaster-recovery-hadr-overview.md#azure-only-high-availability-solutions). + Yes. You can configure a [failover cluster instance](failover-cluster-instance-overview.md) using [Azure shared disks](failover-cluster-instance-azure-shared-disks-manually-configure.md), [premium file shares (PFS)](failover-cluster-instance-premium-file-share-manually-configure.md), or [storage spaces direct (S2D)](failover-cluster-instance-storage-spaces-direct-manually-configure.md) for the storage subsystem. Premium file shares provide IOPS and throughput capacities that meet the needs of many workloads. For IO-intensive workloads, consider using storage spaces direct based on managed premium or ultra-disks. Alternatively, you can use third-party clustering or storage solutions as described in [High availability and disaster recovery for SQL Server on Azure Virtual Machines](business-continuity-high-availability-disaster-recovery-hadr-overview.md#azure-only-high-availability-solutions). > [!IMPORTANT] > At this time, the _full_ [SQL Server IaaS Agent Extension](sql-server-iaas-agent-extension-automate-management.md) is not supported for SQL Server FCI on Azure. We recommend that you uninstall the _full_ extension from VMs that participate in the FCI, and install the extension in _lightweight_ mode instead. This extension supports features, such as Automated Backup and Patching and some portal features for SQL Server. These features will not work for SQL Server VMs after the _full_ agent is uninstalled. @@ -284,6 +284,10 @@ This article provides answers to some of the most common questions about running No. The SQL Server license type is not an optional property when you're registering with the SQL IaaS Agent extension. You have to set the SQL Server license type as pay-as-you-go or Azure Hybrid Benefit when registering with the SQL IaaS Agent extension in all manageability modes (NoAgent, lightweight, and full). If you have any of the free versions of SQL Server installed, such as Developer or Evaluation edition, you must register with pay-as-you-go licensing. Azure Hybrid Benefit is only available for paid versions of SQL Server such as Enterprise and Standard editions. +1. **What is the default license type when using the automatic registration feature?** + + The license type automatically defaults to that of the VM image. If you use a pay-as-you-go image for your VM, then your license type will be `PAYG`, otherwise your license type will be `AHUB` by default. + 1. **Can I upgrade the SQL Server IaaS extension from NoAgent mode to full mode?** No. Upgrading the manageability mode to full or lightweight is not available for NoAgent mode. This is a technical limitation of Windows Server 2008. You will need to upgrade the OS first to Windows Server 2008 R2 or greater, and then you will be able to upgrade to full management mode. @@ -350,4 +354,4 @@ This article provides answers to some of the most common questions about running * [Overview of SQL Server on a Linux VM](../linux/sql-server-on-linux-vm-what-is-iaas-overview.md) * [Provision SQL Server on a Linux VM](../linux/sql-vm-create-portal-quickstart.md) * [FAQ (Linux)](../linux/frequently-asked-questions-faq.md) -* [SQL Server on Linux documentation](/sql/linux/sql-server-linux-overview) \ No newline at end of file +* [SQL Server on Linux documentation](/sql/linux/sql-server-linux-overview) diff --git a/azure-sql/virtual-machines/windows/licensing-model-azure-hybrid-benefit-ahb-change.md b/azure-sql/virtual-machines/windows/licensing-model-azure-hybrid-benefit-ahb-change.md index 28e11df2924..51b35c9de44 100644 --- a/azure-sql/virtual-machines/windows/licensing-model-azure-hybrid-benefit-ahb-change.md +++ b/azure-sql/virtual-machines/windows/licensing-model-azure-hybrid-benefit-ahb-change.md @@ -13,7 +13,8 @@ ms.subservice: management ms.workload: iaas-sql-server ms.date: 11/13/2019 ms.author: mathoma -ms.reviewer: jroth +ms.reviewer: jroth +ms.custom: devx-track-azurepowershell --- # Change the license model for a SQL virtual machine in Azure diff --git a/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-checklist.md b/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-checklist.md index 15ef322259b..0ab6b535bbe 100644 --- a/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-checklist.md +++ b/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-checklist.md @@ -7,6 +7,7 @@ author: dplessMSFT editor: '' tags: azure-service-management ms.service: virtual-machines-sql +ms.subservice: performance ms.devlang: na ms.topic: conceptual ms.tgt_pltfrm: vm-windows-sql-server @@ -63,8 +64,6 @@ The following is a quick checklist of storage configuration best practices for r - Always stop the SQL Server service before changing the cache settings of your disk. - For development and test workloads consider using standard storage. It is not recommended to use Standard HDD/SDD for production workloads. - [Credit-based Disk Bursting](../../../virtual-machines/disk-bursting.md#credit-based-bursting) (P1-P20) should only be considered for smaller dev/test workloads and departmental systems. -- Provision the storage account in the same region as the SQL Server VM. -- Disable Azure geo-redundant storage (geo-replication) and use LRS (local redundant storage) on the storage account. - Format your data disk to use 64 KB allocation unit size for all data files placed on a drive other than the temporary `D:\` drive (which has a default of 4 KB). SQL Server VMs deployed through Azure Marketplace come with data disks formatted with allocation unit size and interleave for the storage pool set to 64 KB. To learn more, see the comprehensive [Storage best practices](performance-guidelines-best-practices-storage.md). @@ -104,7 +103,7 @@ The following is a quick checklist of best practices for Azure-specific guidance - Leverage the best [backup and restore strategy](backup-restore.md#decision-matrix) for your SQL Server workload. - Ensure [Accelerated Networking is enabled](../../../virtual-network/create-vm-accelerated-networking-cli.md#portal-creation) on the virtual machine. - Leverage [Azure Security Center](../../../security-center/index.yml) to improve the overall security posture of your virtual machine deployment. -- Leverage [Azure Defender](../../../security-center/azure-defender.md), integrated with [Azure Security Center](https://azure.microsoft.com/services/security-center/), for specific [SQL Server VM coverage](../../../security-center/defender-for-sql-introduction.md) including vulnerability assessments, and just-in-time access, which reduces the attack service while allowing legitimate users to access virtual machines when necessary. To learn more, see [vulnerability assessments](../../../security-center/defender-for-sql-on-machines-vulnerability-assessment.md), [enable vulnerability assessments for SQL Server VMs](sql-vulnerability-assessment-enable.md) and [just-in-time access](../../../security-center/just-in-time-explained.md). +- Leverage [Azure Defender](../../../security-center/azure-defender.md), integrated with [Azure Security Center](https://azure.microsoft.com/services/security-center/), for specific [SQL Server VM coverage](../../../security-center/defender-for-sql-introduction.md) including vulnerability assessments, and just-in-time access, which reduces the attack service while allowing legitimate users to access virtual machines when necessary. To learn more, see [vulnerability assessments](../../../security-center/defender-for-sql-on-machines-vulnerability-assessment.md), [enable vulnerability assessments for SQL Server VMs](../../../security-center/defender-for-sql-on-machines-vulnerability-assessment.md) and [just-in-time access](../../../security-center/just-in-time-explained.md). - Leverage [Azure Advisor](../../../advisor/advisor-overview.md) to address [performance](../../../advisor/advisor-performance-recommendations.md), [cost](../../../advisor/advisor-cost-recommendations.md), [reliability](../../../advisor/advisor-high-availability-recommendations.md), [operational excellence](../../../advisor/advisor-operational-excellence-recommendations.md), and [security recommendations](../../../advisor/advisor-security-recommendations.md). - Leverage [Azure Monitor](../../../azure-monitor/vm/quick-monitor-azure-vm.md) to collect, analyze, and act on telemetry data from your SQL Server environment. This includes identifying infrastructure issues with [VM insights](../../../azure-monitor/vm/vminsights-overview.md) and monitoring data with [Log Analytics](../../../azure-monitor/logs/log-query-overview.md) for deeper diagnostics. - Enable [Auto-shutdown](../../../automation/automation-solution-vm-management.md) for development and test environments. diff --git a/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-collect-baseline.md b/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-collect-baseline.md index 25c49f1819d..b6dbfceafc1 100644 --- a/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-collect-baseline.md +++ b/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-collect-baseline.md @@ -8,6 +8,7 @@ editor: '' tags: azure-service-management ms.assetid: a0c85092-2113-4982-b73a-4e80160bac36 ms.service: virtual-machines-sql +ms.subservice: performance ms.devlang: na ms.topic: conceptual ms.tgt_pltfrm: vm-windows-sql-server @@ -57,7 +58,7 @@ Make sure to understand both throughput and IOPS requirements of the workload as Track both external memory used by the OS as well as the memory used internally by SQL Server. Identifying pressure for either component will help size virtual machines and identify opportunities for tuning. The following PerfMon counters can help validate the memory health of a SQL Server virtual machine: -* [\Memory\Available MBytes](/azure/monitoring/infrastructure-health/vmhealth-windows/winserver-memory-availmbytes) +* \Memory\Available MBytes * [\SQLServer:Memory Manager\Target Server Memory (KB)](/sql/relational-databases/performance-monitor/sql-server-buffer-manager-object) * [\SQLServer:Memory Manager\Total Server Memory (KB)](/sql/relational-databases/performance-monitor/sql-server-buffer-manager-object) * [\SQLServer:Buffer Manager\Lazy writes/sec](/sql/relational-databases/performance-monitor/sql-server-buffer-manager-object) diff --git a/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-storage.md b/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-storage.md index c82c9e71f0f..dab16b1016a 100644 --- a/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-storage.md +++ b/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-storage.md @@ -8,6 +8,7 @@ editor: '' tags: azure-service-management ms.assetid: a0c85092-2113-4982-b73a-4e80160bac36 ms.service: virtual-machines-sql +ms.subservice: performance ms.devlang: na ms.topic: conceptual ms.tgt_pltfrm: vm-windows-sql-server @@ -45,8 +46,6 @@ Review the following checklist for a brief overview of the storage best practice - Always stop the SQL Server service before changing the cache settings of your disk. - For development and test workloads, and long-term backup archival consider using standard storage. It is not recommended to use Standard HDD/SDD for production workloads. - [Credit-based Disk Bursting](../../../virtual-machines/disk-bursting.md#credit-based-bursting) (P1-P20) should only be considered for smaller dev/test workloads and departmental systems. -- Provision the storage account in the same region as the SQL Server VM. -- Disable Azure geo-redundant storage (geo-replication) and use LRS (local redundant storage) on the storage account. - Format your data disk to use 64 KB block size (allocation unit size) for all data files placed on a drive other than the temporary `D:\` drive (which has a default of 4 KB). SQL Server VMs deployed through Azure Marketplace come with data disks formatted with a block size and interleave for the storage pool set to 64 KB. To compare the storage checklist with the others, see the comprehensive [Performance best practices checklist](performance-guidelines-best-practices-checklist.md). diff --git a/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-vm-size.md b/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-vm-size.md index 73e18bfc1d7..b0137d00546 100644 --- a/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-vm-size.md +++ b/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-vm-size.md @@ -7,6 +7,7 @@ author: dplessMSFT editor: '' tags: azure-service-management ms.service: virtual-machines-sql +ms.subservice: performance ms.devlang: na ms.topic: conceptual ms.tgt_pltfrm: vm-windows-sql-server diff --git a/azure-sql/virtual-machines/windows/sql-agent-extension-automatic-registration-all-vms.md b/azure-sql/virtual-machines/windows/sql-agent-extension-automatic-registration-all-vms.md index bfcc579ebbd..1162365ced6 100644 --- a/azure-sql/virtual-machines/windows/sql-agent-extension-automatic-registration-all-vms.md +++ b/azure-sql/virtual-machines/windows/sql-agent-extension-automatic-registration-all-vms.md @@ -9,7 +9,8 @@ ms.subservice: management ms.topic: conceptual ms.tgt_pltfrm: vm-windows-sql-server ms.workload: iaas-sql-server -ms.date: 11/07/2020 +ms.date: 11/07/2020 +ms.custom: devx-track-azurepowershell --- # Automatic registration with SQL IaaS Agent extension [!INCLUDE[appliesto-sqlvm](../../includes/appliesto-sqlvm.md)] @@ -24,7 +25,7 @@ Registering your SQL Server VM with the [SQL IaaS Agent extension](sql-server-ia When automatic registration is enabled, a job runs daily to detect whether or not SQL Server is installed on all the unregistered VMs in the subscription. This is done by copying the SQL IaaS agent extension binaries to the VM, then running a one-time utility that checks for the SQL Server registry hive. If the SQL Server hive is detected, the virtual machine is registered with the extension in lightweight mode. If no SQL Server hive exists in the registry, the binaries are removed. Automatic registration can take up to 4 days to detect newly created SQL Server VMs. -Once automatic registration is enabled for a subscription, all current and future VMs that have SQL Server installed will be registered with the SQL IaaS Agent extension **in lightweight mode without downtime, and without restarting the SQL Server service**. You still need to [manually upgrade to full manageability mode](sql-agent-extension-manually-register-single-vm.md#upgrade-to-full) to take advantage of the full feature set. +Once automatic registration is enabled for a subscription, all current and future VMs that have SQL Server installed will be registered with the SQL IaaS Agent extension **in lightweight mode without downtime, and without restarting the SQL Server service**. You still need to [manually upgrade to full manageability mode](sql-agent-extension-manually-register-single-vm.md#upgrade-to-full) to take advantage of the full feature set. The license type automatically defaults to that of the VM image. If you use a pay-as-you-go image for your VM, then your license type will be `PAYG`, otherwise your license type will be `AHUB` by default. > [!IMPORTANT] > The SQL IaaS Agent extension collects data for the express purpose of giving customers optional benefits when using SQL Server within Azure Virtual Machines. Microsoft will not use this data for licensing audits without the customer's advance consent. See the [SQL Server privacy supplement](/sql/sql-server/sql-server-privacy#non-personal-data) for more information. diff --git a/azure-sql/virtual-machines/windows/sql-agent-extension-manually-register-vms-bulk.md b/azure-sql/virtual-machines/windows/sql-agent-extension-manually-register-vms-bulk.md index 0eb33abbc1e..97f9a45fa1d 100644 --- a/azure-sql/virtual-machines/windows/sql-agent-extension-manually-register-vms-bulk.md +++ b/azure-sql/virtual-machines/windows/sql-agent-extension-manually-register-vms-bulk.md @@ -13,7 +13,8 @@ ms.tgt_pltfrm: vm-windows-sql-server ms.workload: iaas-sql-server ms.date: 11/07/2020 ms.author: mathoma -ms.reviewer: jroth +ms.reviewer: jroth +ms.custom: devx-track-azurepowershell --- # Register multiple SQL VMs in Azure with the SQL IaaS Agent extension diff --git a/azure-sql/virtual-machines/windows/sql-server-on-azure-vm-iaas-what-is-overview.md b/azure-sql/virtual-machines/windows/sql-server-on-azure-vm-iaas-what-is-overview.md index 7ebe74c5035..cc84a70c101 100644 --- a/azure-sql/virtual-machines/windows/sql-server-on-azure-vm-iaas-what-is-overview.md +++ b/azure-sql/virtual-machines/windows/sql-server-on-azure-vm-iaas-what-is-overview.md @@ -7,7 +7,7 @@ author: MashaMSFT tags: azure-service-management ms.assetid: c505089e-6bbf-4d14-af0e-dd39a1872767 ms.service: virtual-machines-sql - +ms.subservice: service-overview ms.topic: overview ms.tgt_pltfrm: vm-windows-sql-server diff --git a/azure-sql/virtual-machines/windows/sql-vulnerability-assessment-enable.md b/azure-sql/virtual-machines/windows/sql-vulnerability-assessment-enable.md deleted file mode 100644 index ffa119f0fb9..00000000000 --- a/azure-sql/virtual-machines/windows/sql-vulnerability-assessment-enable.md +++ /dev/null @@ -1,93 +0,0 @@ ---- -title: SQL Vulnerability Assessment for SQL Server on Azure VMs -description: Describes the SQL Vulnerability Assessment for SQL Server databases running on Azure Virtual Machines. -services: virtual-machines-windows -author: MashaMSFT -ms.service: virtual-machines-sql -ms.subservice: security -ms.topic: conceptual -ms.tgt_pltfrm: vm-windows-sql-server -ms.workload: iaas-sql-server -ms.date: 12/02/2020 -ms.author: mathoma ---- -# SQL Vulnerability Assessment for SQL Server on Azure VMs -[!INCLUDE[appliesto-sqlvm](../../includes/appliesto-sqlvm.md)] - -SQL Vulnerability Assessment (VA) is an easy-to-configure service that can discover, track, and help you remediate potential database vulnerabilities. Use it to proactively improve your database security for your SQL Server on Azure VMs. - -Vulnerability Assessment is part of the [Azure Defender for SQL](../../database/azure-defender-for-sql.md) offering, which is a unified package for advanced SQL security capabilities. Vulnerability Assessment can be accessed and managed via the central Azure Defender for SQL portal or via the Azure Security Center. - -## Overview - -SQL Vulnerability Assessment (VA) is a service that provides visibility into your security state. Vulnerability Assessment includes actionable steps to resolve security issues and enhance your database security. It can help you: - -- Meet compliance requirements that require database scan reports. -- Meet data privacy standards. -- Monitor a dynamic database environment where changes are difficult to track. - -Vulnerability Assessment is a scanning service that employs a knowledge base of rules that flag security vulnerabilities. It highlights deviations from best practices such as misconfigurations, excessive permissions, and unprotected sensitive data. - -The rules are based on Microsoft's best practices and focus on the security issues that present the biggest risks to your database and its valuable data. They cover database-level issues and server-level security issues, like server firewall settings and server-level permissions. These rules also represent many of the requirements from various regulatory bodies to meet their compliance standards. - -Results of the scan include actionable steps to resolve each issue and provide customized remediation scripts where applicable. You can customize an assessment report for your environment by setting an acceptable baseline for: - -- Permission configurations -- Feature configurations -- Database settings - -## Enable SQL VA - -Enable Azure Defender for SQL Servers on machines to implement the Vulnerability Assessment. - -To use the Azure Defender for SQL Server, follow these steps: - -1. [Install the SQL IaaS agent extension](sql-agent-extension-manually-register-single-vm.md). -1. [Enable auto provisioning of the Log Analytics agent](../../../security-center/security-center-enable-data-collection.md#auto-provision-mma). -1. [Enable the optional Security Center plan](../../../security-center/defender-for-sql-usage.md#step-2-enable-the-optional-plan-in-security-centers-pricing-and-settings-page). - -Since the Vulnerability Assessment is a part of Azure Defender for SQL, once Azure Defender is enabled on your virtual machine, your databases are automatically scanned every 12 hours to identify security vulnerabilities. Results are sent to Azure Security Center for a centralized aggregated view of the SQL data estate protected by Azure Defender for SQL. - -> [!NOTE] -> The scan is lightweight, safe, only takes a few seconds per database to run and is entirely read-only. It does not make any changes to your database. - -## View report - -The database report presents an overview of your security state. It lists how many issues were found and their respective severities. Results include warnings on deviations from best practices and a snapshot of your security-related settings, such as database principals and roles and their associated permissions. - -To view the report, follow these steps: - -1. Go to the [Azure Security Center](https://ms.portal.azure.com/#blade/Microsoft_Azure_Security/SecurityMenuBlade/0) in the Azure portal. -1. Select **Recommendations** in the **General** menu: - - :::image type="content" source="media/sql-vulnerability-assessment-enable/recommendations-in-security-center.png" alt-text="Go to Recommendations under Settings in the Azure Security Center from the Azure portal"::: - -1. Scroll down to the recommendations, and expand **Remediate vulnerabilities**. -1. Choose **Vulnerability assessment findings on your SQL servers on machines should be remediated**. - - :::image type="content" source="media/sql-vulnerability-assessment-enable/report-in-security-center.png" alt-text="View the report in the recommendation blade of the Azure Security Center"::: - -This page displays an aggregate of security vulnerabilities identified for all SQL Server VMs in the subscription. - - -## Analyze results - -Review your results and identify findings in the report that are true security issues in your environment. Drill down to each failed result to understand the impact of the finding and why each security check failed. - -:::image type="content" source="media/sql-vulnerability-assessment-enable/sample-report.png" alt-text="Review your results and identify findings in the report that are true security issues in your environment."::: - -## Set baseline - -As you review your assessment results, you can mark results as being an acceptable baseline in your environment. The baseline is essentially a customization of how the results are reported. Results that match the baseline are considered as passing in subsequent scans. After you've established your baseline security state, Vulnerability Assessment only reports on deviations from the baseline. In this way, you can focus your attention on the relevant issues. - -:::image type="content" source="media/sql-vulnerability-assessment-enable/analyze-report-for-details.png" alt-text="As you review your assessment results, you can mark results as being an acceptable baseline in your environment."::: - -## Export results - -Use the [Continuous export](../../../security-center/continuous-export.md) feature of the Azure Security Center to export vulnerability assessment findings to Azure Event Hub or to Log Analytics workspace. - - -## Next steps - -To learn more, see [SQL Vulnerability Assessment in Azure SQL](../../database/sql-vulnerability-assessment.md), and [Defending your SQL data using Azure Security Center](../../../security-center/security-center-introduction.md). - diff --git a/azure-sql/virtual-machines/windows/storage-configuration.md b/azure-sql/virtual-machines/windows/storage-configuration.md index 2e9c01a30c4..ffe795d8b6e 100644 --- a/azure-sql/virtual-machines/windows/storage-configuration.md +++ b/azure-sql/virtual-machines/windows/storage-configuration.md @@ -202,10 +202,12 @@ For more throughput, you can add additional data disks and use disk striping. To For example, the following PowerShell creates a new storage pool with the interleave size to 64 KB and the number of columns equal to the amount of physical disk in the storage pool: +# [Windows Server 2016 +](#tab/windows2016) + ```powershell $PhysicalDisks = Get-PhysicalDisk | Where-Object {$_.FriendlyName -like "*2" -or $_.FriendlyName -like "*3"} - - New-StoragePool -FriendlyName "DataFiles" -StorageSubsystemFriendlyName "Storage Spaces*" ` + + New-StoragePool -FriendlyName "DataFiles" -StorageSubsystemFriendlyName "Windows Storage on " ` -PhysicalDisks $PhysicalDisks | New- VirtualDisk -FriendlyName "DataFiles" ` -Interleave 65536 -NumberOfColumns $PhysicalDisks .Count -ResiliencySettingName simple ` –UseMaximumSize |Initialize-Disk -PartitionStyle GPT -PassThru |New-Partition -AssignDriveLetter ` @@ -213,6 +215,30 @@ For example, the following PowerShell creates a new storage pool with the interl -AllocationUnitSize 65536 -Confirm:$false ``` +In Windows Server 2016 and later, the default value for `-StorageSubsystemFriendlyName` is `Windows Storage on ` + + + +# [Windows Server 2008 - 2012 R2](#tab/windows2012) + + + + ```powershell + $PhysicalDisks = Get-PhysicalDisk | Where-Object {$_.FriendlyName -like "*2" -or $_.FriendlyName -like "*3"} + + New-StoragePool -FriendlyName "DataFiles" -StorageSubsystemFriendlyName "Storage Spaces on " ` + -PhysicalDisks $PhysicalDisks | New- VirtualDisk -FriendlyName "DataFiles" ` + -Interleave 65536 -NumberOfColumns $PhysicalDisks .Count -ResiliencySettingName simple ` + –UseMaximumSize |Initialize-Disk -PartitionStyle GPT -PassThru |New-Partition -AssignDriveLetter ` + -UseMaximumSize |Format-Volume -FileSystem NTFS -NewFileSystemLabel "DataDisks" ` + -AllocationUnitSize 65536 -Confirm:$false + ``` + +In Windows Server 2008 to 2012 R2, the default value for `-StorageSubsystemFriendlyName` is `Storage Spaces on `. + +--- + + * For Windows 2008 R2 or earlier, you can use dynamic disks (OS striped volumes) and the stripe size is always 64 KB. This option is deprecated as of Windows 8/Windows Server 2012. For information, see the support statement at [Virtual Disk Service is transitioning to Windows Storage Management API](/windows/win32/w8cookbook/vds-is-transitioning-to-wmiv2-based-windows-storage-management-api). * If you are using [Storage Spaces Direct (S2D)](/windows-server/storage/storage-spaces/storage-spaces-direct-in-vm) with [SQL Server Failover Cluster Instances](./failover-cluster-instance-storage-spaces-direct-manually-configure.md), you must configure a single pool. Although different volumes can be created on that single pool, they will all share the same characteristics, such as the same caching policy. @@ -222,4 +248,5 @@ For example, the following PowerShell creates a new storage pool with the interl ## Next steps -For other topics related to running SQL Server in Azure VMs, see [SQL Server on Azure Virtual Machines](sql-server-on-azure-vm-iaas-what-is-overview.md). \ No newline at end of file +For other topics related to running SQL Server in Azure VMs, see [SQL Server on Azure Virtual Machines](sql-server-on-azure-vm-iaas-what-is-overview.md). +