Azure SQL Database Managed Instance (Part 1 - Overview)

Share this blog :Share on Facebook
Tweet about this on Twitter
Share on LinkedIn


Azure SQL Database Managed Instance (preview) is a new capability of Azure SQL Database, providing near 100% compatibility with SQL server on-premises and a native virtual network (VNet) implementation that addresses common security concerns. With this, existing SQL Server customers can lift and shift their on-premises applications to the cloud with minimal database changes by preserving all PaaS capabilities.

Key features and capabilities of Managed Instance:

PaaS benefits Business continuity
  • No hardware purchasing and management
  • No management overhead for managing underlying infrastructure
  • Quick provisioning and service scaling
  • Automated patching and version upgrade
  • Integration with other PaaS data services
  • 99.99% uptime SLA
  • Built in high availability
  • Data protected with automated backups
  • Customer configurable backup retention period (fixed to 7 days in Public Preview)
  • User-initiated backups
  • Point in time database restore capability
Security and compliance


  • Isolated environment (VNet integration, single-tenant service, dedicated compute and storage)
  • Encryption of the data in transit
  • Azure AD authentication, single sign-on support
  • Adheres to compliance standards same as Azure SQL database
  • SQL auditing
  • Threat detection
  • Azure Resource Manager API for automating service provisioning and scaling
  • Azure portal functionality for manual service provisioning and scaling
  • Data Migration Service

Advanced security and compliance

  • Managed Instance security isolation: Includes Native Virtual Network implementation, connectivity to on-premises environment using Azure Express Route or VPN Gateway; SQL endpoint is exposed only through a private IP address; and Single-tenant with dedicated underlying infrastructure.
  • Auditing for compliance and security: Tracks and writes database events to an audit log in Azure.
  • Data encryption in motion: Secures data by providing encryption using Transport Layer Security.
  • Dynamic data masking: Limits sensitive data exposure by masking it to nonprivileged users.
  • Row-level security: Controls access to rows based on characteristics of the user.
  • Threat detection: Provides additional layer of security intelligence that detects unusual behaviour.
  • Azure active directory and multi-factor authentication: Centrally manage user identity with AAD integration.

Leave a Reply

Your email address will not be published. Required fields are marked *