Merge pull request #115269 from MashaMSFT/move12

Move12

Author: Jak-MS

azure-sql/database/aad-authentication-configure.md

@@ -15,7 +15,7 @@ ms.date: 03/27/2020
 ---
 # Configure and manage Azure Active Directory authentication with SQL
 
-This article shows you how to create and populate Azure AD, and then use Azure AD with [Azure SQL Database](../../sql-database/sql-database-technical-overview.md), [Azure SQL Managed Instance](../../sql-database/sql-database-managed-instance.md), and [Azure Synapse Analytics (formerly Azure SQL Data Warehouse)](../../synapse-analytics/sql-data-warehouse/sql-data-warehouse-overview-what-is.md). For an overview, see [Azure Active Directory Authentication](aad-authentication-overview.md).
+This article shows you how to create and populate Azure AD, and then use Azure AD with [Azure SQL Database](technical-overview.md), [Azure SQL Managed Instance](../../sql-database/sql-database-managed-instance.md), and [Azure Synapse Analytics (formerly Azure SQL Data Warehouse)](../../synapse-analytics/sql-data-warehouse/sql-data-warehouse-overview-what-is.md). For an overview, see [Azure Active Directory Authentication](aad-authentication-overview.md).
 
 ## Azure AD authentication methods
 

azure-sql/database/aad-authentication-overview.md

@@ -14,7 +14,7 @@ ms.date: 04/23/2020
 ---
 # Use Azure Active Directory Authentication for authentication with Azure SQL
 
-Azure Active Directory authentication is a mechanism of connecting to [Azure SQL Database](../../sql-database/sql-database-technical-overview.md), [Azure SQL Managed Instance](../../sql-database/sql-database-managed-instance.md), and [Azure Synapse Analytics (formerly Azure SQL Data Warehouse)](../../synapse-analytics/sql-data-warehouse/sql-data-warehouse-overview-what-is.md) by using identities in Azure Active Directory (Azure AD).
+Azure Active Directory authentication is a mechanism of connecting to [Azure SQL Database](technical-overview.md), [Azure SQL Managed Instance](../../sql-database/sql-database-managed-instance.md), and [Azure Synapse Analytics (formerly Azure SQL Data Warehouse)](../../synapse-analytics/sql-data-warehouse/sql-data-warehouse-overview-what-is.md) by using identities in Azure Active Directory (Azure AD).
 
 > [!NOTE]
 > This article applies to Azure SQL Database, SQL Managed Instance, and Azure Synapse. For simplicity, Azure SQL is used when referring to all three.

azure-sql/database/active-geo-replication-configure-portal.md

@@ -35,7 +35,7 @@ The following steps create a new secondary database in a geo-replication partner
 
 To add a secondary database, you must be the subscription owner or co-owner.
 
-The secondary database has the same name as the primary database and has, by default, the same service tier and compute size. The secondary database can be a single database or a pooled database. For more information, see [DTU-based purchasing model](dtu-service-tiers.md) and [vCore-based purchasing model](../../sql-database/sql-database-service-tiers-vcore.md).
+The secondary database has the same name as the primary database and has, by default, the same service tier and compute size. The secondary database can be a single database or a pooled database. For more information, see [DTU-based purchasing model](dtu-service-tiers.md) and [vCore-based purchasing model](service-tiers-vcore.md).
 After the secondary is created and seeded, data begins replicating from the primary database to the new secondary database.
 
 > [!NOTE]

azure-sql/database/active-geo-replication-overview.md

@@ -122,7 +122,7 @@ Transaction log rate throttling on the primary due to lower compute size on a se
 > [!NOTE]
 > Transaction log rate on the primary may be throttled for reasons unrelated to lower compute size on a secondary. This kind of throttling may occur even if the secondary has the same or higher compute size than the primary. For details, including wait types for different kinds of log rate throttling, see [Transaction log rate governance](resource-limits-logical-server.md#transaction-log-rate-governance).
 
-For more information on the SQL Database compute sizes, see [What are SQL Database Service Tiers](../../sql-database/sql-database-purchase-models.md).
+For more information on the SQL Database compute sizes, see [What are SQL Database Service Tiers](purchasing-models.md).
 
 ## Cross-subscription geo-replication
 
@@ -288,5 +288,5 @@ As discussed previously, active geo-replication can also be managed programmatic
 - SQL Database also supports auto-failover groups. For more information, see using [auto-failover groups](auto-failover-group-overview.md).
 - For a business continuity overview and scenarios, see [Business continuity overview](business-continuity-high-availability-disaster-recover-hadr-overview.md)
 - To learn about Azure SQL Database automated backups, see [SQL Database automated backups](automated-backups-overview.md).
-- To learn about using automated backups for recovery, see [Restore a database from the service-initiated backups](../../sql-database/sql-database-recovery-using-backups.md).
+- To learn about using automated backups for recovery, see [Restore a database from the service-initiated backups](recovery-using-backups.md).
 - To learn about authentication requirements for a new primary server and database, see [SQL Database security after disaster recovery](geo-replication-security-configure.md).

azure-sql/database/advanced-data-security.md

@@ -22,8 +22,8 @@ Advanced data security (ADS) is a unified package for advanced SQL security capa
 Advanced data security (ADS) provides a set of advanced SQL security capabilities, including data discovery & classification, vulnerability assessment, and Advanced Threat Protection.
 
 - [Data Discovery & Classification](data-discovery-and-classification-overview.md) provides capabilities built into Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse for discovering, classifying, labeling & reporting the sensitive data in your databases. It can be used to provide visibility into your database classification state, and to track the access to sensitive data within the database and beyond its borders.
-- [Vulnerability Assessment](../../sql-database/sql-vulnerability-assessment.md) is an easy to configure service that can discover, track, and help you remediate potential database vulnerabilities. It provides visibility into your security state, and includes actionable steps to resolve security issues, and enhance your database fortifications.
-- [Advanced Threat Protection](../../sql-database/sql-database-threat-detection-overview.md) detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit your database. It continuously monitors your database for suspicious activities, and provides immediate security alerts on potential vulnerabilities, SQL injection attacks, and anomalous database access patterns. Advanced Threat Protection alerts provide details of the suspicious activity and recommend action on how to investigate and mitigate the threat.
+- [Vulnerability Assessment](sql-vulnerability-assessment.md) is an easy to configure service that can discover, track, and help you remediate potential database vulnerabilities. It provides visibility into your security state, and includes actionable steps to resolve security issues, and enhance your database fortifications.
+- [Advanced Threat Protection](threat-detection-overview.md) detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit your database. It continuously monitors your database for suspicious activities, and provides immediate security alerts on potential vulnerabilities, SQL injection attacks, and anomalous database access patterns. Advanced Threat Protection alerts provide details of the suspicious activity and recommend action on how to investigate and mitigate the threat.
 
 Enable SQL ADS once to enable all of these included features. With one click, you can enable ADS for all databases on your [server](logical-servers.md) in Azure (which hosts SQL Database or Azure Synapse Analytics) or in you instance in Azure SQL Managed Instance. Enabling or managing ADS settings requires belonging to the [SQL security manager](https://docs.microsoft.com/azure/role-based-access-control/built-in-roles#sql-security-manager) role, SQL database admin role or SQL server admin role.
 
@@ -70,6 +70,6 @@ Advanced data security settings for your server or managed instance can also be
 ## Next steps
 
 - Learn more about [Data Discovery & Classification](data-discovery-and-classification-overview.md)
-- Learn more about [vulnerability Assessment](../../sql-database/sql-vulnerability-assessment.md)
-- Learn more about [Advanced Threat Protection](../../sql-database/sql-database-threat-detection.md)
+- Learn more about [vulnerability Assessment](sql-vulnerability-assessment.md)
+- Learn more about [Advanced Threat Protection](threat-detection.md)
 - Learn more about [Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-intro)

azure-sql/database/arm-templates-content-guide.md

@@ -0,0 +1,51 @@
+---
+title: Azure Resource Manager templates
+titleSuffix: Azure SQL Database & SQL Managed Instance
+description: Use Azure Resource Manager templates to create and configure Azure SQL Database and Azure SQL Managed Instance. 
+services: sql-database
+ms.service: sql-database
+ms.subservice: service
+ms.custom: overview-samples sqldbrb=2
+ms.devlang: 
+ms.topic: sample
+author: jovanpop-msft
+ms.author: jovanpop
+ms.reviewer: sstein
+ms.date: 02/04/2019
+---
+
+# Azure Resource Manager templates for Azure SQL Database
+
+Azure Resource Manager templates enable you to define your infrastructure as code and deploy your solutions to Azure cloud for your Azure SQL Database and Azure SQL Managed Instance.
+
+## [Azure SQL Database](#tab/single-database)
+
+The following table includes links to Azure Resource Manager templates for Azure SQL Database.
+
+| |  |
+|---|---|
+| [SQL Database](https://github.com/Azure/azure-quickstart-templates/tree/master/201-sql-database-transparent-encryption-create) | This Azure Resource Manager template creates a single database in Azure SQL Database and configures server-level IP firewall rules. |
+| [Server](https://github.com/Azure/azure-quickstart-templates/tree/master/101-sql-logical-server) | This Azure Resource Manager template creates a server for Azure SQL Database. |
+| [Elastic pool](https://github.com/Azure/azure-quickstart-templates/tree/master/101-sql-elastic-pool-create) | This template allows you to deploy an elastic pool and to assign databases to it. |
+| [Failover groups](https://github.com/Azure/azure-quickstart-templates/tree/master/101-sql-with-failover-group) | This template creates two servers, a single database, and a failover group in Azure SQL Database.|
+| [Threat Detection](https://github.com/Azure/azure-quickstart-templates/tree/master/201-sql-threat-detection-db-policy-multiple-databases) | This template allows you to deploy a server and a set of databases with Threat Detection enabled, with an email address for alerts for each database. Threat Detection is part of the SQL Advanced Threat Protection (ATP) offering and provides a layer of security that responds to potential threats over servers and databases.|
+| [Auditing to Azure Blob Storage](https://github.com/Azure/azure-quickstart-templates/tree/master/201-sql-auditing-server-policy-to-blob-storage) | This template allows you to deploy a server with auditing enabled to write audit logs to a blob storage. Auditing for Azure SQL Database tracks database events and writes them to an audit log that can be placed in your Azure storage account, OMS workspace, or Event Hubs.|
+| [Auditing to Azure Event Hub](https://github.com/Azure/azure-quickstart-templates/tree/master/201-sql-auditing-server-policy-to-eventhub) | This template allows you to deploy a server with auditing enabled to write audit logs to an existing Event Hub. In order to send audit events to Event Hub, set auditing settings with `Enabled` `State` and set `IsAzureMonitorTargetEnabled` as `true`. Also, configure Diagnostic Settings with `SQLSecurityAuditEvents` log category on the `master` database (for serve level auditing). Auditing tracks database events and writes them to an audit log that can be placed in your Azure storage account, OMS workspace, or Event Hubs.|
+| [Azure Web App with SQL Database](https://github.com/Azure/azure-quickstart-templates/tree/master/201-web-app-sql-database) | This sample creates a free Azure Web App and a database in Azure SQL Database at the "Basic" service level.|
+| [Azure Web App and Redis Cache with SQL Database](https://github.com/Azure/azure-quickstart-templates/tree/master/201-web-app-redis-cache-sql-database) | This template creates a Web App, Redis Cache, and SQL Database in the same resource group, and creates two connection strings in the Web App for the SQL Database and Redis Cache.|
+| [Import data from blob storage using ADF V2](https://github.com/Azure/azure-quickstart-templates/tree/master/101-data-factory-v2-blob-to-sql-copy) | This Azure Resource Manager template creates Azure Data Factory V2 that copies data from Azure Blob Storage to SQL Database.|
+| [HDInsight cluster with a SQL Database](https://github.com/Azure/azure-quickstart-templates/tree/master/101-hdinsight-linux-with-sql-database) | This template allows you to create a HDInsight cluster, a logical SQL server, a database, and two tables. This template is used by the [Use Sqoop with Hadoop in HDInsight article](https://docs.microsoft.com/azure/hdinsight/hadoop/hdinsight-use-sqoop) |
+| [Azure Logic App that runs a SQL Stored Procedure on a schedule](https://github.com/Azure/azure-quickstart-templates/tree/master/101-logic-app-sql-proc) | This template allows you to create a Logic App that will run a SQL stored procedure on schedule. Any arguments for the procedure can be put into the body section of the template.|
+
+## [Azure SQL Managed Instance](#tab/managed-instance)
+
+The following table includes links to Azure Resource Manager templates for Azure SQL Managed Instance.
+
+| |  |
+|---|---|
+| [SQL Managed Instance in a new VNet](https://github.com/Azure/azure-quickstart-templates/tree/master/101-sqlmi-new-vnet) | This Azure Resource Manager template creates a new configured Azure VNet and SQL Managed Instance in the VNet. |
+| [Network environment for SQL Managed Instance](https://github.com/Azure/azure-quickstart-templates/tree/master/101-sql-managed-instance-azure-environment) | This deployment will create a configured Azure Virtual Network with two subnets - one that will be dedicated to your SQL Managed Instances, and another one where you can place other resources (for example VMs, App Service environments, etc.). This template will create a properly configured networking environment where you can deploy SQL Managed Instances. |
+| [SQL Managed Instance with P2S connection](https://github.com/Azure/azure-quickstart-templates/tree/master/201-sqlmi-new-vnet-w-point-to-site-vpn) | This deployment will create an Azure Virtual Network with two subnets `ManagedInstance` and `GatewaySubnet`. SQL Managed Instance will be deployed in ManagedInstance subnet. Virtual network gateway will be created in `GatewaySubnet` subnet and configured for Point-to-Site VPN connection. |
+| [SQL Managed Instance with Virtual machine](https://github.com/Azure/azure-quickstart-templates/tree/master/201-sqlmi-new-vnet-w-jumpbox) | This deployment will create an Azure Virtual Network with two subnets `ManagedInstance` and `Management`. SQL Managed Instance will be deployed in `ManagedInstance` subnet. Virtual machine with the latest version of SQL Server Management Studio (SSMS) will be deployed in `Management` subnet. |
+
+---

azure-sql/database/audit-log-format.md

@@ -25,7 +25,7 @@ For example, for database `Database1` on `Server1` the following is a possible v
 
     Server1/Database1/SqlDbAuditing_ServerAudit_NoRetention/2019-02-03/12_23_30_794_0.xel
 
-[Read-only Replicas](../../sql-database/sql-database-read-scale-out.md) Audit logs are stored in the same container. The directory hierarchy within the container is of the form `<ServerName>/<DatabaseName>/<AuditName>/<Date>/RO/`. The Blob filename shares the same format. The Audit Logs of Read-only Replicas are stored in the same container.
+[Read-only Replicas](read-scale-out.md) Audit logs are stored in the same container. The directory hierarchy within the container is of the form `<ServerName>/<DatabaseName>/<AuditName>/<Date>/RO/`. The Blob filename shares the same format. The Audit Logs of Read-only Replicas are stored in the same container.
 
 
 ### Event Hub

azure-sql/database/auto-failover-group-overview.md

@@ -254,7 +254,7 @@ When performing OLTP operations, use `<fog-name>.zone_id.database.windows.net` a
 If you have a logically isolated read-only workload that is tolerant to certain staleness of data, you can use the secondary database in the application. To connect directly to the geo-replicated secondary, use `server.secondary.zone_id.database.windows.net` as the server URL and the connection is made directly to the geo-replicated secondary.
 
 > [!NOTE]
-> In certain service tiers, SQL Database supports the use of [read-only replicas](../../sql-database/sql-database-read-scale-out.md) to load balance read-only query workloads using the capacity of one read-only replica and using the `ApplicationIntent=ReadOnly` parameter in the connection string. When you have configured a geo-replicated secondary, you can use this capability to connect to either a read-only replica in the primary location or in the geo-replicated location.
+> In certain service tiers, SQL Database supports the use of [read-only replicas](read-scale-out.md) to load balance read-only query workloads using the capacity of one read-only replica and using the `ApplicationIntent=ReadOnly` parameter in the connection string. When you have configured a geo-replicated secondary, you can use this capability to connect to either a read-only replica in the primary location or in the geo-replicated location.
 >
 > - To connect to a read-only replica in the primary location, use `<fog-name>.zone_id.database.windows.net`.
 > - To connect to a read-only replica in the secondary location, use `<fog-name>.secondary.zone_id.database.windows.net`.
@@ -371,7 +371,7 @@ Due to the high latency of wide area networks, continuous copy uses an asynchron
 
 ## Failover groups and point-in-time restore
 
-For information about using point-in-time restore with failover groups, see [Point in Time Recovery (PITR)](../../sql-database/sql-database-recovery-using-backups.md#point-in-time-restore).
+For information about using point-in-time restore with failover groups, see [Point in Time Recovery (PITR)](recovery-using-backups.md#point-in-time-restore).
 
 ## Limitations of failover groups
 
@@ -471,5 +471,5 @@ As discussed previously, auto-failover groups and active geo-replication can als
   - [Use PowerShell to add an Azure SQL Database to a failover group](scripts/add-database-to-failover-group-powershell.md)
 - For a business continuity overview and scenarios, see [Business continuity overview](business-continuity-high-availability-disaster-recover-hadr-overview.md)
 - To learn about Azure SQL Database automated backups, see [SQL Database automated backups](automated-backups-overview.md).
-- To learn about using automated backups for recovery, see [Restore a database from the service-initiated backups](../../sql-database/sql-database-recovery-using-backups.md).
+- To learn about using automated backups for recovery, see [Restore a database from the service-initiated backups](recovery-using-backups.md).
 - To learn about authentication requirements for a new primary server and database, see [SQL Database security after disaster recovery](geo-replication-security-configure.md).