X
Popular Searches

How to use an Azure SQL Managed Instance

azure logo

Microsoft SQL Server management is often a difficult and time-consuming task. To address challenges such as performance tuning, scalability, and updates, Microsoft introduced the Azure SQL Managed Instance.

Azure SQL Managed Instances take the difficulty out of managing a SQL environment. It uses an evergreen Microsoft SQL, which always uses the latest version and features. SQL upgrades, patching, and security are fully managed and automated. High availability, disaster recovery, and automated backups make Managed SQL easy to administrator and use.

Provisioning an Azure SQL Managed Instance

To get started, navigate to the Azure SQL service offering within the Azure Portal. Click on “Create Azure SQL resource” to get started.

Click on "Create Azure SQL resource" to get started provising your instance.

A couple of options are available for SQL deployments. Though this article focuses on the middle option, SQL managed instances, there are a few other options that may be useful.

  • SQL Databases: Flexible options for both single databases and elastic pools, this is a modern take on managed database offerings.
  • SQL Managed Instances: Excellent for migrations and “lift-and-shift” operations, an easy to administrator and powerful SQL environment.
  • SQL Virtual Machines: Traditional SQL Server that can be fully managed by an administrator.

In this case, we are going to work with the SQL managed instance. Click on “Create” under the SQL managed instance option to start the provisioning wizard.

Click on "Create" to start the provisioning wizard.

First, we need to enter a name, select the region, and provide the administrator account details.

The administrator account is a SQL login type account, and can be connected to like so.

Provide the administrator account details.

If you would like to change the compute resources provided, click on “Configure Managed Instance.” First, we need to choose the type of service tier and the compute hardware. As you can tell, this is not exactly the cheapest of options but does provide a lot of utility. Balanced against the time savings with patching and management, this very well could easily pay for itself.

Choose the service tier type and compute hardware.

Networking, additional settings, and tags will all be created with their defaults in this article. If you need customization of the collations, time zones, public endpoints, and tagging, you will want to review those pages in depth.

Finally, create the SQL managed instance. Word of caution, this process can take up to 6 hours, per their documentation. During the creation of this instance, it took about 2 hours to fully provision.

Create the SQL managed instance.

Create a New Database

Now that we have our SQL server provisioned, let’s create a simple database named testdatabase. Though this can be done through SQL Server Management Studio (SSMS), it can also be done via the Azure Portal. Click on the New Database option to quickly provision a database.

Click on the New Database option to provision a database.

Simply provide a name and click on “Create.” This will immediately create the database and make it available.

 

Provide a name and click on "Create" to create a database.

Connecting via Public Endpoint

There are a number of ways to connect to this instance. You can choose to connect via a virtual machine with SSMS installed that can then connect to this instance, via code using the available connection strings, or if you choose to allow the public endpoint to be available, by remote SSMS installation. For ease of management, we will demonstrate how to allow the remote endpoint option.

Any time you open a port externally, you run the risk of unauthorized access, make sure to fully secure, and consider if this is the best option.

With that caveat out of the way, first, navigate to the Networking pane on your SQL managed instance. Choose “Enable” on the public endpoint (data) option and click on “Save.” This option by itself won’t allow an SSMS installation to access this instance, as the necessary ports needed to be opened in the Network Security Group (NSG).

Choose "Enable" on the public endpoint (data) option and click on "Save" under Networking.

On the overview page, locate the Virtual network/subnet section, and click on the link to the managed instance configuration.

Click on themanaged instance configuration link.

Once under the virtual network resource assigned to this SQL managed instance, navigate to the subnet pane and take note of the Security group. In this case, this is named nsg-lc-test-sql-instance.

Note the Security group.

The easiest way to navigate to this NSG is to locate the link via the Microsoft Azure Portal search functionality. Click on the found resource to navigate to the page.

To navigate to this NSG, locate the Microsoft Azure Portal search functionality link, and click on the found resource to navigate to the page.

Once on the NSG attached to the SQL managed instance, navigate to Inbound security rules and click on “Add.”

Navigate to Inbound security rules, then click on "Add."

Enter the following to create a firewall rule to allow public endpoint access to this managed instance and click on “Add” to enable the firewall rule.

  • Source: Any
  • Source port ranges: *
  • Destination: Any
  • Destination port ranges: 3342
  • Protocol: TCP
  • Action: Allow
  • Priority: 1300 (This needs to be prioritized above the default deny all rule, which 1300 will do so by default.)
  • Name: Port_3342
  • Description: blank (optional)

Create a firewall rule and click on "Add" to enable it.

Once the firewall rule has been added, navigate back to your SQL managed instance, and click on the “Connection Strings Pane.” In the ADO.NET section, you will see that the second section has the public endpoint. The value that you will need, as shown below, is the following.

lc-test-sql-instance.public.1994d7e4f669.database.windows.net,3342

In the ADO.NET section, the second section has the public endpoint.

Note that we are keeping the ,3342 section as this will tell SSMS what unique port to use to connect to this instance. SQL uses the , instead of the typical : to denote port.

Take the value that you retrieved from the ADO.NET public endpoint configuration, and connect using SSMS and your previously configured Administrator login and password.

Using the value you retrieved from ADO.NET public endpoint configuration, connect using SSMS and your previously configured Administrator login and password.

You can see the previously created test-database is available for administration, just like a typical SQL server.

The previously created test-database is available for administration.

Conclusion

Azure SQL Managed Instances provide a powerful and easy-to-use SQL instance to use. This can be leveraged to migrate on-premise resources quickly and easily, or to take the burden off of SQL administrators and empower developers to leverage the full power of Microsoft SQL.

Adam Bertram Adam Bertram
Adam Bertram is a 20+ year veteran of IT and an experienced online business professional. He’s a consultant, Microsoft MVP, blogger, trainer, published author and content marketer for multiple technology companies. Catch up on Adam’s articles at adamtheautomator.com, connect on LinkedIn, or follow him on Twitter at @adbertram. Read Full Bio »

The above article may contain affiliate links, which help support CloudSavvy IT.