Azure Arc-enabled SQL Server
Azure Arc-enabled SQL Server extends Azure services to SQL Server instances hosted outside of Azure; in your datacenter, on the edge, or in a multi-cloud environment.
To enable Azure services, you must onboard a running SQL Server instance to Azure Arc. The onboarding will install a Azure extension for SQL Server to the Connected Machine agent, which in turn will create an Azure resource for each SQL Server instance. You can see all the Arc-enabled SQL Server resources in the Azure portal under Azure Arc > SQL Server. The properties of this resource reflect a subset of the SQL Server configuration settings.
The SQL Server instance can be installed in a virtual or physical machine running Windows or Linux that is connected to Azure Arc via the Connected Machine agent. When you register the SQL Server instance, the agent is installed, and the machine is registered automatically.
The Connected Machine agent communicates outbound securely to Azure Arc over TCP port 443. If the machine connects through a firewall or an HTTP proxy server to communicate over the Internet, review the network configuration requirements for the Connected Machine agent.
Azure Arc-enabled SQL Server supports a set of solutions that require Microsoft Monitoring Agent (MMA) to be installed and connected to an Azure Log analytics workspace for data collection and reporting. These solutions include Microsoft Defender for Cloud and On-demand SQL Assessment feature.
The following diagram illustrates the architecture of SQL Server on Azure Arc enable servers.
To learn more about these capabilities, you can also refer to this Data Exposed episode.
Supported SQL versions and operating systems
Azure Arc-enabled SQL Server supports SQL Server 2012 or higher running on one of the following versions of the Windows or Linux operating system:
- Windows Server 2012 R2 and higher
- Ubuntu 16.04 and 18.04 (x64)
- Red Hat Enterprise Linux (RHEL) 7 (x64)
- SUSE Linux Enterprise Server (SLES) 15 (x64)
SQL Server on Azure Arc-enabled servers does not support container images with SQL Server.
To connect the SQL Server instances and the hosting machine to Azure Arc, you must have a user account or Azure service principal with privileges to perform the following actions:
For optimal security, create a custom role in Azure that has the minimal permissions listed. For information on how to create a custom role in Azure with these permissions, see Custom roles overview. To add role assignment, see the appropriate article from the following list:
- Add or remove role assignments using Azure portal
- Add or remove role assignments using Azure RBAC and Azure CLI
Azure subscription and service limits
Before configuring your SQL server instances and machines with Azure Arc, review the Azure Resource Manager subscription limits and resource group limits to plan for the number of machines to be connected.
Networking configuration and resource providers
Review networking configuration, transport layer security, and resource providers required for Connected Machine agent.
The resource provider
Microsoft.AzureArcData is required to connect the SQL Server instances to Azure Arc. To register the resource provider, follow the instructions in the Prerequisites section.
If you connected an instance of SQL Server to Azure Arc prior to December 2020, you need to follow the prerequisite steps to migrate the existing Arc-enabled SQL Server resources to the new namespace.
Supported Azure regions
Arc-enabled SQL Server is available in the following regions:
- East US
- East US 2
- West US 2
- Central US
- South Central US
- UK South
- France Central
- West Europe
- North Europe
- Japan East
- Korea Central
- East Asia
- Southeast Asia
- Australia East
Submit and view feedback for