Instance Failover Groups - Failover

Fails over from the current primary managed instance to this managed instance.


URI Parameters

Name In Required Type Description
path True


The name of the failover group.

path True


The name of the region where the resource is located.

path True


The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.

path True


The subscription ID that identifies an Azure subscription.

query True


The API version to use for the request.


Name Type Description
200 OK


Successfully failed over.

202 Accepted


Other Status Codes

*** Error Responses: ***

  • 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.

  • 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.

  • 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.

  • 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.

  • 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.

  • 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.

  • 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.

  • 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.

  • 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.

  • 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.

  • 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period

  • 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.

  • 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.

  • 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.

  • 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.

  • 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.

  • 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.

  • 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.

  • 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.

  • 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.

  • 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.

  • 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.

  • 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.

  • 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.

  • 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.

  • 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.

  • 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.

  • 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.

  • 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.

  • 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.

  • 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.

  • 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.

  • 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.

  • 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.

  • 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.

  • 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.

  • 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.

  • 400 InvalidServerName - Invalid server name specified.

  • 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.

  • 400 TokenTooLong - The provided token is too long.

  • 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.

  • 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.

  • 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.

  • 400 InvalidSku - The user specified an invalid sku.

  • 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.

  • 400 ServerNotFound - The requested server was not found.

  • 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.

  • 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.

  • 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault.

  • 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.

  • 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.

  • 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.

  • 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.

  • 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.

  • 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.

  • 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.

  • 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.

  • 404 OperationIdNotFound - The operation with Id does not exist.

  • 404 ResourceNotFound - The requested resource was not found.

  • 404 OperationIdNotFound - The operation with Id does not exist.

  • 404 SourceDatabaseNotFound - The source database does not exist.

  • 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.

  • 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.

  • 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.

  • 409 OperationCancelled - The operation has been cancelled by user.

  • 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.

  • 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.

  • 409 RemoteDatabaseExists - The destination database name already exists on the destination server.

  • 409 ConflictingServerOperation - An operation is currently in progress for the server.

  • 409 SubscriptionDisabled - Subscription is disabled.

  • 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.

  • 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.

  • 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.

  • 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.

  • 409 ServerKeyNameAlreadyExists - The server key already exists on the server.

  • 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.

  • 409 ServerKeyDoesNotExists - The server key does not exist.

  • 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.

  • 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.

  • 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.

  • 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.

  • 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.

  • 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication seeding operation was performed on a database that is already in a replication relationship.

  • 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.

  • 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.

  • 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.

  • 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.

  • 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.

  • 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.

  • 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.

  • 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.

  • 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.

  • 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed

  • 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .

  • 504 RequestTimeout - Service request exceeded the allowed timeout.


Planned failover of a failover group

Sample request

POST West/instanceFailoverGroups/failover-group-test-3/failover?api-version=2021-11-01

Sample response

  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Default/providers/Microsoft.Sql/locations/JapanWest/instanceFailoverGroups/failover-group-test-3",
  "name": "failover-group-test-3",
  "type": "Microsoft.Sql/locations/instanceFailoverGroups",
  "properties": {
    "readWriteEndpoint": {
      "failoverPolicy": "Automatic",
      "failoverWithDataLossGracePeriodMinutes": 480
    "readOnlyEndpoint": {
      "failoverPolicy": "Disabled"
    "replicationRole": "Primary",
    "replicationState": "CATCH_UP",
    "partnerRegions": [
        "location": "Japan East",
        "replicationRole": "Secondary"
    "managedInstancePairs": [
        "primaryManagedInstanceId": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Default/providers/Microsoft.Sql/managedInstances/failover-group-secondary-mngdInstance",
        "partnerManagedInstanceId": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Default/providers/Microsoft.Sql/managedInstances/failover-group-primary-mngdInstance"


Name Description

An instance failover group.


Read-only endpoint of the failover group instance.


Read-write endpoint of the failover group instance.


Local replication role of the failover group instance.


Pairs of Managed Instances in the failover group.


Partner region information for the failover group.


Failover policy of the read-only endpoint for the failover group.


Failover policy of the read-write endpoint for the failover group. If failoverPolicy is Automatic then failoverWithDataLossGracePeriodMinutes is required.


An instance failover group.

Name Type Description


Resource ID.



Resource name.



List of managed instance pairs in the failover group.



Partner region information for the failover group.



Read-only endpoint of the failover group instance.



Read-write endpoint of the failover group instance.



Local replication role of the failover group instance.



Replication state of the failover group instance.



Resource type.


Read-only endpoint of the failover group instance.

Name Type Description


Failover policy of the read-only endpoint for the failover group.


Read-write endpoint of the failover group instance.

Name Type Description


Failover policy of the read-write endpoint for the failover group. If failoverPolicy is Automatic then failoverWithDataLossGracePeriodMinutes is required.



Grace period before failover with data loss is attempted for the read-write endpoint. If failoverPolicy is Automatic then failoverWithDataLossGracePeriodMinutes is required.


Local replication role of the failover group instance.

Name Type Description





Pairs of Managed Instances in the failover group.

Name Type Description


Id of Partner Managed Instance in pair.



Id of Primary Managed Instance in pair.


Partner region information for the failover group.

Name Type Description


Geo location of the partner managed instances.



Replication role of the partner managed instances.


Failover policy of the read-only endpoint for the failover group.

Name Type Description





Failover policy of the read-write endpoint for the failover group. If failoverPolicy is Automatic then failoverWithDataLossGracePeriodMinutes is required.

Name Type Description


