Written by 9:22 am Microsoft, Microsoft Azure, SQL Server, Windows Server • One Comment

How to add an Azure Arc enabled SQL Server

Azure Arc enabled SQL Server

A couple of months ago Microsoft announced a new Hybrid Cloud feature called Azure Arc enabled SQL Server. Azure Arc enabled SQL Server allows you to manage your global inventory of SQL servers, protect SQL Server instances with Azure Security Center or periodically assess and tune the health of your SQL Server configurations. In this blog post, we will cover how you can add SQL Server to Azure Management using Azure Arc.

Azure Arc enabled SQL Server Architecture

Azure Arc enabled SQL Server Architecture

Prerequisites

Before you add an Azure Arc enabled SQL Server, you need to prepare the following prerequisites:

  • A virtual or physical machine running SQL Server. The machine hosting SQL Server must be connected to the internet directly or via a proxy server. Running one of the following operating systems:
    • Windows Server 2012 R2 and higher
    • Ubuntu 16.04 and 18.04 (x64)
    • CentOS Linux 7 (x64)
    • SUSE Linux Enterprise Server (SLES) 15 (x64)
  • The Connected Machine agent communicates outbound securely to Azure Arc over TCP port 443. If the machine connects through a firewall or a HTTP proxy server to communicate over the Internet, review the network configuration requirements for the Connected Machine agent.
  • A user account with permissions (An user account with local admin rights.
  • Azure PowerShell installed on the computer executing the onboarding script.
  • You need to have the “Microsoft.AzureData” provider namespace registered. You can run the following Azure PowerShell command to do that: “Register-AzResourceProvider -ProviderNamespace Microsoft.AzureData”. You can run that command in Azure Cloud Shell.

To learn more about the prerequisites, check out the following Microsoft Docs page.

Connect an Azure Arc enabled SQL Server

To add and connect an Azure Arc enabled SQL Server, you can simply open Azure Arc in the Azure Portal. On the new Azure Arc overview page, you can find all the different Azure Arc services you can connect and manage.

Azure Arc in the Azure Portal

Azure Arc in the Azure Portal

Browse to SQL Servers and click on “Add“.

Azure Arc SQL Server

Azure Arc SQL Server

The wizard will help you to generate a script, which you can run to connect your SQL Server to Azure using Azure Arc. You need to select the spesific subscription, resource group, regsion and operating system.

Register Azure Arc enabled SQL Server

Register Azure Arc enabled SQL Server

The wizard will generate a script for the spesific OS, which you can download and run to connect and register your Azure Arc enabled SQL Server.

Download Script

Download Script

After you have run the script on your SQL Server, your SQL Server will show up in the Azure portal. The script can be run interactively. However, it is recommended to use service principals if you are running registrations of machines at-scale. After you have registered your SQL Server, the server will show up in the Azure portal.

Azure Arc Enabled SQL Servers

Azure Arc Enabled SQL Servers

Now you can already take advantage of Azure Security Center recommendations.

SQL Server Security Alerts - Azure Security Center

SQL Server Security Alerts – Azure Security Center

And have a closer look at the spesific recommendations to secure your MS SQL Server.

Vulnerability assessment findings

Vulnerability assessment findings

Configure on-demand SQL assessment

The SQL Server assessment allows you to diagnose potential issues with your SQL Server environment running on-premises, on Microsoft Azure Virtual Machines (VMs), or on Amazon Web Services (AWS) VMs. To configure the on-demand SQL assessment for Azure Arc enabled SQL Server instances, you have a couple of prerequisites that you can find here. After you have deployed the additional Log Analytics extensions to your Arc enabled Server, you simply need to download and run the script from the portal.

SQL Server Environment Health

SQL Server Environment Health

After the awhile the assessment results become available, and you can view them in the portal.

Conclusion

I hope this blog post provides you with a short overview of how you can connect your on-premises or multi-cloud SQL Servers, to Microsoft Azure using Azure Arc. Azure Arc enabled SQL Server provides you with Azure Security Center to produce a comprehensive report of vulnerabilities in SQL Servers and get advanced, real-time security alerts for threats to SQL Servers and the OS, and investigate threats in SQL Servers using Azure Sentinel.

If you have any questions feel free to leave a comment below.

Tags: , , , , , , , , , , , , , Last modified: October 6, 2020
Close Search Window
Close