Introduction
In the previous article, Getting started with Azure SQL, we learned the basics to create an Azure SQL database.
Azure SQL is a nice option to easily have a database in Azure and at an accessible price. However, sometimes we need more features that we have in our SQL Server on-premises that we do not have in Azure SQL.
That is why Microsoft introduced some years ago the Azure SQL Managed Instance which contains several features that are not present in Azure SQL. In this article, we will learn how to create an Azure SQL Managed Instance in Azure and discuss its prices, configurations, and options during installation.
System requirements
To install an Azure SQL Managed Instance, you need the have an Azure Account. The following Azure subscriptions support an Azure SQL Managed Instance.
Getting started
First of all, to start, in the Azure Portal, select the Create a resource option.
Secondly, select Databases, and then on Azure SQL Managed Instance, select Create to create.
In the Basics section, select your subscription. In the Resource group select an existing Resource Group of your preference. Otherwise, select the Create new to create a new one.
The Managed Instance name is the name of the instance. It is the same concept as an instance on-premises. Make sure that the name is unique. About authentication, you can use SQL Authentication, Azure AD, or a mixed mode of both. The SQL Authentication is simple, you create the user and password of a SQL user. The other option is related to Azure Active Directory. For more information about Azure Authentication, we have a nice article written by one of our best authors here:
The Networking section has several sections. First, you have to select the virtual network.
You can choose or create a new virtual network to connect to the Managed Instance. The subnet is used for the managed instances. You also require a subnet for the dedicated managed instance.
For more information about Virtual networks, refer to these links:
- Configure an existing virtual network for Azure SQL Managed Instance
- Connectivity architecture for Azure SQL Managed Instance
The connection types are used to select the way that the customer connects to an Azure SQL Managed Instance.
There are two main options:
- Redirect, where the clients establish a connection directly to the node that hosts the database.
- Proxy, where the connections use a proxy gateway.
For more information about both options, please refer to this link:
The public endpoint is disabled by default but is used to manage your instance outside the virtual network. It is recommended not to enable it for security reasons. For more information about public endpoint configuration, refer to the following link:
Finally, we have the minimum TLS version. Transport Layer Security is used for security. We can control the TLS version with version 1.0, 1.1, or 1.2. We may have new versions in the future. For security reasons, it is recommended to use the last version available.
For more information about TLS versions, please refer to these links:
We also have the security section. In this section, we handle the Azure Active Directory Authentication. You can enable or disable managed identities and you can also add users here.
You also have the option to handle transparent data encryption. You have 2 options here.
- Service-managed key
- Customer-managed key
You can have your customer-managed key to protect your data. For this, a Database Encryption Key (DEK) is used.
For more information about managed keys, please refer to these links:
- Transparent Data Encryption (TDE) with customer-managed keys for Managed Instance
- Azure SQL Transparent Data Encryption with customer-managed key
Working with Additional Settings
Additional settings are used to configure the collation, time zone, geo-replication, and Maintenance.
Collation is referred to the characters and encoding used to handle information. The data will be ordered according to the collation. For example, if I use the Greek alphabet, the order of a select order by will not be the same as the latin1_general collation.
For more information about collation, please check these articles related:
Time zone is used to define your local time according to your country and region. For more information about available time zones and some recommendations and explanations, refer to this link:
The option to use as a Failover Secondary, by default is in no. This option allows having replication and failover of some databases in another managed instance in a different region.
For more information, refer to these links:
- Use auto-failover groups to enable transparent and coordinated geo-failover of multiple databases
- Tutorial: Add SQL Managed Instance to a failover group
Finally, maintenance Windows allow setting the preferred schedule time. For more information, refer to this link:
The tags allow to categorize search and administer resources. It is a best practice to organize your resources.
For more information about Tags, refer to this link:
The Review + Create is the final part. You can review if the configuration is fine here and check the prices and terms. For more pricing information, refer to this link:
If everything goes well, you will have your Azure SQL Managed Instance installed successfully.
Conclusion
In this article, we learned how to install the Azure SQL Managed Instance. We verified the different options to install, subnets, networking, TLS configuration, Security, and more.
He has worked for the government, oil companies, web sites, magazines and universities around the world. Daniel also regularly speaks at SQL Servers conferences and blogs. He writes SQL Server training materials for certification exams.
He also helps with translating SQLShack articles to Spanish
View all posts by Daniel Calbimonte
- PostgreSQL tutorial to create a user - November 12, 2023
- PostgreSQL Tutorial for beginners - April 6, 2023
- PSQL stored procedures overview and examples - February 14, 2023