SQL Server enabled by Azure Arc
Applies to: 
SQL Server
SQL Server enabled by Azure Arc extends Azure services to SQL Server instances hosted outside of Azure: in your data center, in edge site locations like retail stores, or any public cloud or hosting provider.
Manage your SQL Servers at-scale from a single point of control
Azure Arc enables you to manage all of your SQL Servers from a single point of control: Azure. As you connect your SQL Servers to Azure, you get a single place to view the detailed inventory of your SQL Servers and databases.
- Look at details for a given SQL Server in the Azure portal such as the name, version, edition, number of cores, and host operating system.
- Query across all of your SQL Servers using Azure Resource Graph Explorer to answer questions like:
- "How many SQL Servers do I have that are SQL Server 2014?"
- "What are the names of all the SQL Servers that are running on Linux?"
- Quickly create charts from these queries and pin them to customizable dashboards.
- View a list of every database on a SQL Server and do cross-SQL Server queries of databases to see:
- Databases that haven't been backed up recently.
- Databases that aren't encrypted.
Best practices assessment
You can optimize the configuration of your SQL Servers for best performance and security by running a best practices assessment. The assessment report shows you specific ways to improve your configuration. The assessment compares your configuration to best practices established by Microsoft Support through many years of real-world experience. Each suggestion includes the details on how to change the configuration.
Microsoft Entra ID authentication
Establish a secure connection to Azure to authenticate with Microsoft Entra ID. Requires:
- SQL Server 2022 (16.x) or later.
- SQL Server enabled by Azure Arc
Note
Microsoft Entra ID is the new name for Azure Active Directory (Azure AD). We are updating documentation at this time.
Microsoft Defender for Cloud
Microsoft Defender for Cloud helps you discover and mitigate potential database vulnerabilities and alerts you to anomalous activities. These activities might indicate threats to your databases on Arc-enabled SQL Servers.
- Vulnerability assessment: Scan databases to discover, track, and remediate vulnerabilities.
- Threat protection: Receive detailed security alerts and recommended actions based on SQL Advanced Threat Protection to provide to mitigate threats.
When you enable Microsoft Defender through SQL Server enabled by Azure Arc, you can get substantial cost savings on Defender.
Microsoft Purview
Microsoft Purview provides a unified data governance solution to help manage and govern your on-premises, multicloud, and software as a service (SaaS) data. Easily create a holistic, up-to-date map of your data landscape with automated data discovery, sensitive data classification, and end-to-end data lineage. Enable data consumers to access valuable, trustworthy data management.
SQL Server enabled by Azure Arc powers some of the Microsoft Purview features such as access policies and it generally makes it easier for you to get your SQL Servers connected into Purview.
Pay-as-you-go for SQL Server
Now, with SQL Server enabled by Azure Arc, you have the option of purchasing SQL Server using a 'pay-as-you-go' model instead of purchasing licenses. This model is a great alternative if you're looking to save costs on SQL Servers that have variable demand for compute capacity over time. For example, when you can turn off a SQL Server at night or on weekends, or even just scale down the number of cores used during less busy times. It's also a great option if you only plan to use a SQL Server for a short period of time and then won't need it anymore. Pay-as-you-go, billed through Azure, is now available for all versions of SQL Server from 2012 to 2022.
Extended Security Updates (ESU)
Once SQL Server has reached the end of its support lifecycle, you can sign up for an Extended Security Update (ESU) subscription for your servers and remain protected for up to three years. When you upgrade to a newer version of SQL Server, your ESU subscription is automatically canceled. When you migrate to Azure SQL, the ESU charges automatically stop but you continue to have access to the ESUs.
Architecture
The SQL Server instance that you want to enable with Azure Arc can be installed in a virtual or physical machine running Windows or Linux. The Azure Connected Machine agent and the Azure Extension for SQL Server securely connect to Azure to establish communication channels with multiple Azure services using only outbound HTTPS traffic on TCP port 443 using Transport Layer Security (TLS). The Azure Connected Machine agent can communicate through a configurable HTTPS proxy server over Azure Express Route, Azure Private Link or over the Internet. Review the overview, network requirements, and prerequisites for the Azure Connected Machine agent.
Some of the services provided by SQL Server enabled by Azure Arc, such as Microsoft Defender for Cloud and best practices assessment, require the Azure Monitoring agent (AMA) extension to be installed and connected to an Azure Log Analytics workspace for data collection and reporting.
The following diagram illustrates the architecture of SQL Server enabled by Azure Arc.
Feature availability depending on license type
The following table identifies features enabled depending on license type:
| Feature | License only 1 | License with Software Assurance or SQL subscription |
Pay-as-you-go |
|---|---|---|---|
| Connect to Azure | Yes | Yes | Yes |
| SQL Server inventory | Yes | Yes | Yes |
| Best practices assessment | No | Yes | Yes |
| Detailed database inventory | No | Yes | Yes |
| Microsoft Entra ID authentication | Yes | Yes | Yes |
| Microsoft Defender for Cloud | Yes | Yes | Yes |
| Govern through Microsoft Purview | Yes | Yes | Yes |
| Automated backups to local storage (preview) | No | Yes | Yes |
| Point-in-time-restore (preview) | No | Yes | Yes |
| Automated patching | No | Yes | Yes |
| Failover cluster instances (preview) | Yes | Yes | Yes |
| Always On availability groups (preview) | Yes | Yes | Yes |
| Monitoring (preview) | No | Yes | Yes |
1 License only includes SQL Server instances that are Developer, Express, Web, or Evaluation Edition and instances using a Server/CAL license.
Feature availability by operating system
The following table identifies features available by operating system:
| Feature | Windows | Linux |
|---|---|---|
| Discover and register SQL Servers in Azure | Yes | Yes |
| Use Azure Policy to onboard SQL Server instances at scale | Yes | Yes |
| Azure pay-as-you-go billing | Yes | Yes |
| Install Azure extension for SQL Server during setup 1 | Yes | No |
| Best practices assessment | Yes | No |
| Detailed database inventory | Yes | No |
| Microsoft Entra ID authentication 1 | Yes | Yes |
| Microsoft Defender for Cloud | Yes | No |
| Microsoft Purview | Yes | Yes |
| Automated backups to local storage (preview) | Yes | No |
| Point-in-time-restore (preview) | Yes | No |
| Automated patching | Yes | No |
| SQL Server 2012 extended security updates | Yes | Not applicable |
| Failover cluster instances (preview) | Yes | Not applicable |
| Always On availability groups (preview) | Yes | Not applicable |
| Monitoring (preview) | Yes | No |
1 SQL Server 2022 (16.x) only.
Feature availability by version
The following table identifies features available by SQL Server version:
| Feature | 2012 | 2014 | 2016 | 2017 | 2019 | 2022 |
|---|---|---|---|---|---|---|
| Azure pay-as-you-go billing | Yes | Yes | Yes | Yes | Yes | Yes |
| Best practices assessment | Yes | Yes | Yes | Yes | Yes | Yes |
| Detailed database inventory | Yes | Yes | Yes | Yes | Yes | Yes |
| Microsoft Entra ID authentication for SQL Server | No | No | No | No | No | Yes |
| Microsoft Defender for Cloud | Yes | Yes | Yes | Yes | Yes | Yes |
| Microsoft Purview: DevOps policies | No | No | No | No | No | Yes |
| Microsoft Purview: data owner policies (preview) | No | No | No | No | No | Yes |
| Automated backups to local storage (preview) | Yes | Yes | Yes | Yes | Yes | Yes |
| Point-in-time-restore (preview) | Yes | Yes | Yes | Yes | Yes | Yes |
| Automated patching | Yes 1 | Yes | Yes | Yes | Yes | Yes |
| Failover cluster instances (preview) | Yes | Yes | Yes | Yes | Yes | Yes |
| Always On availability groups (preview) | Yes | Yes | Yes | Yes | Yes | Yes |
| Monitoring (preview) | Yes | Yes | Yes | Yes | Yes | Yes |
1 Requires subscription to Extended Security Updates (ESU) enabled by Azure Arc.
Feature availability by edition
The following table identifies features available by SQL Server edition:
| Feature | Enterprise | Standard | Web | Express | Developer | Evaluation |
|---|---|---|---|---|---|---|
| Azure pay-as-you-go billing | Yes | Yes | Not applicable | Not applicable | Not applicable | Not applicable |
| Best practices assessment | Yes | Yes | Yes | Yes | Yes | Yes |
| Detailed database inventory | Yes | Yes | Yes | Yes | Yes | Yes |
| Microsoft Entra ID authentication | Yes | Yes | Yes | Yes | Yes | Yes |
| Microsoft Defender for Cloud | Yes | Yes | Yes | Yes 1 | Yes | Yes |
| Microsoft Purview: Govern using DevOps and data owner policies | Yes | Yes | Yes | Yes | Yes | Yes |
| Automated backups to local storage (preview) | Yes | Yes | Yes | Yes | Yes | Yes |
| Point-in-time-restore (preview) | Yes | Yes | Yes | Yes | Yes | Yes |
| Automated patching | Yes | Yes | Yes | Yes | Yes | Yes |
| Failover cluster instances (preview) | Yes | Yes | Not applicable | Not applicable | Yes | Not applicable |
| Always On availability groups (preview) | Yes | Yes | Not applicable | Not applicable | Yes | Not applicable |
| Monitoring (preview) | Yes | Yes | No | No | No | No |
1 Express LocalDB isn't supported.
Supported SQL Server versions and operating systems
Azure Arc-enabled SQL Server supports SQL Server 2012 (11.x) and later versions, running on one of the following versions of the Windows or Linux operating system:
- Windows Server 2012 and later versions
- Ubuntu 20.04 (x64)
- Red Hat Enterprise Linux (RHEL) 8 (x64)
- SUSE Linux Enterprise Server (SLES) 15 (x64)
Support for Azure Arc-enabled SQL Server failover cluster instances (FCI) is introduced as preview in October, 2023.
Important
Windows Server 2012 and Windows Server 2012 R2 support ended on October 10, 2023. For more information, see SQL Server 2012 and Windows Server 2012/2012 R2 end of support.
Unsupported configurations
Azure Arc-enabled SQL Server doesn't currently support the following configurations:
- SQL Server running in containers.
- SQL Server roles other than the Database Engine, such as Analysis Services (SSAS), Reporting Services (SSRS), or Integration Services (SSIS).
- SQL Server editions: Business Intelligence.
- Private Link connections to the Azure Arc data processing service at the
san-af-<region>-prod.azurewebsites.netendpoint used for inventory and usage upload. - SQL Server 2008 (10.0.x), SQL Server 2008 R2 (10.50.x), and older versions.
- Installing the Arc agent and SQL Server extension can't be done as part of sysprep image creation.
- Multiple instances of SQL Server installed on the same host operating system with the same instance name.
- SQL Server in Azure Virtual Machines.
- SQL Server Always On availability group on failover cluster instances.
- The rare combination of availability group on failover cluster instances.
Note
Azure extension for SQL Server fully supports VMware clusters outside of Azure. Although the SQL Server 2022 (16.x) Setup Installation Wizard does not support installation of the Azure extension for SQL Server, this component can be installed from the command line in quiet mode, or by connecting SQL Server to Azure Arc. For more information, see Install and connect to Azure and Automatically connect your SQL Server to Azure Arc.
Supported Azure regions
Arc-enabled SQL Server is available in the following regions:
- East US
- East US 2
- West US
- West US 2
- West US 3
- Central US
- North Central US
- South Central US
- West Central US
- Canada Central
- Canada East
- UK South
- France Central
- West Europe
- North Europe
- Switzerland North
- Central India
- Brazil South
- South Africa North
- UAE North
- Japan East
- Korea Central
- Southeast Asia
- Australia East
Important
For successful onboarding and functioning, assign the same region to both Arc-enabled Server and Arc-enabled SQL Server.
Related content
Feedback
Submit and view feedback for