feat: Sql mi changes (#457)

Co-authored-by: Kyle Poineal <38540295+kpoineal@users.noreply.github.com> Co-authored-by: Zach Trocinski <ztrocinski@outlook.com> Co-authored-by: Zach Trocinski <30884663+oZakari@users.noreply.github.com>
Azure · Oct 17, 2024 · a44f39b · a44f39b
1 parent 5a120a8
commit a44f39b
Show file tree

Hide file tree

Showing 8 changed files with 39 additions and 24 deletions.
diff --git a/azure-resources/Network/connections/kql/f6a14b32-a727-4ace-b5fa-7b1c6bdff402.kql b/azure-resources/Network/connections/kql/f6a14b32-a727-4ace-b5fa-7b1c6bdff402.kql
@@ -16,4 +16,4 @@ resources
 | where not(erGatewayBypass) or not(privateLinkFastPath)
 | project recommendationId = "f6a14b32-a727-4ace-b5fa-7b1c6bdff402", id, name, tags,
     param1 = iff(erGatewayBypass, "Enabled: Gateway Bypass", "Disabled: Gateway Bypass"),
-    param2 = iff(privateLinkFastPath, "Enabled: PE FastPath", "Disabled: PE FastPath"),
+    param2 = iff(privateLinkFastPath, "Enabled: PE FastPath", "Disabled: PE FastPath")
diff --git a/azure-resources/Sql/managedInstances/kql/15e2712c-f3ea-4a8d-9081-11e822b1ccfb.kql b/azure-resources/Sql/managedInstances/kql/15e2712c-f3ea-4a8d-9081-11e822b1ccfb.kql
@@ -1,2 +1,8 @@
-// under-development
-
+// Azure Resource Graph Query
+// Managed Instance storage backup redundancy check – any server that is not configured for GZRS
+resources
+| where type =~ 'Microsoft.Sql/managedInstances'
+| extend backupredundancy=properties.storageAccountType
+| extend ServiceTier = sku.tier
+| where backupredundancy != 'GeoZone'
+| project recommendationId='15e2712c-f3ea-4a8d-9081-11e822b1ccfb', name, id, param1=strcat('Service Tier:', ServiceTier), param2=strcat('Backup Redundancy:', backupredundancy)
diff --git a/azure-resources/Sql/managedInstances/kql/257cd903-700f-4a79-bd37-7dce2b511df4.kql b/azure-resources/Sql/managedInstances/kql/257cd903-700f-4a79-bd37-7dce2b511df4.kql
@@ -1,2 +1 @@
-// under-development
-
+// cannot-be-validated-with-arg
diff --git a/azure-resources/Sql/managedInstances/kql/9fad5392-b852-4807-9b6d-3f700ff9771a.kql b/azure-resources/Sql/managedInstances/kql/9fad5392-b852-4807-9b6d-3f700ff9771a.kql
@@ -1,2 +1 @@
-// under-development
-
+// cannot-be-validated-with-arg
diff --git a/azure-resources/Sql/managedInstances/kql/c14de326-2729-4be7-a91f-4ea185d24b10.kql b/azure-resources/Sql/managedInstances/kql/c14de326-2729-4be7-a91f-4ea185d24b10.kql
@@ -1,2 +1,7 @@
-// under-development
-
+// Azure Resource Graph Query
+// Use Redirect connection type to accelerate application access
+resources
+| where type =~ 'Microsoft.Sql/managedInstances'
+| extend connectionpolicy=properties.proxyOverride
+| where connectionpolicy != 'Redirect'
+| project recommendationId='c14de326-2729-4be7-a91f-4ea185d24b10', name, id, tags, param1=strcat('Connection Policy:', connectionpolicy)
diff --git a/azure-resources/Sql/managedInstances/kql/c9afeb1e-e706-4809-be4e-75d9fac708f2.kql b/azure-resources/Sql/managedInstances/kql/c9afeb1e-e706-4809-be4e-75d9fac708f2.kql
@@ -1,2 +1 @@
-// under-development
-
+// cannot-be-validated-with-arg
diff --git a/azure-resources/Sql/managedInstances/kql/f8f834a9-c761-4e84-b2cb-ac55494d0c37.kql b/azure-resources/Sql/managedInstances/kql/f8f834a9-c761-4e84-b2cb-ac55494d0c37.kql
@@ -1,2 +1,9 @@
-// under-development
-
+// Azure Resource Graph Query
+// Managed Instance zone redundancy check – any server that is not configured for ZR
+resources
+| where type =~ 'Microsoft.Sql/managedInstances'
+| extend InstanceName = properties.fullyQualifiedDomainName
+| extend ServiceTier = sku.tier
+| extend zoneRedundant=properties.zoneRedundant
+| where zoneRedundant == 'false'
+| project recommendationId='f8f834a9-c761-4e84-b2cb-ac55494d0c37', name, id, tags, param1=strcat('Service Tier:', ServiceTier), param2=strcat('Zone Redundant:', zoneRedundant)
diff --git a/azure-resources/Sql/managedInstances/recommendations.yaml b/azure-resources/Sql/managedInstances/recommendations.yaml
@@ -1,16 +1,16 @@
-- description: Enable zone redundancy for Azure SQL Managed Instance to achieve high availability and resiliency
+- description: Enable zone redundancy for Azure SQL Managed Instance to improve high availability and resiliency
   aprlGuid: f8f834a9-c761-4e84-b2cb-ac55494d0c37
   recommendationTypeId: null
   recommendationControl: High Availability
   recommendationImpact: High
   recommendationResourceType: Microsoft.Sql/managedInstances
   recommendationMetadataState: Active
   longDescription: |
-    By default, Azure SQL Database premium tier provisions multiple copies within the same region. For geo redundancy, databases can be set as Zone Redundant, distributing copies across Azure Availability Zones to maintain availability during regional outages.
+    Azure SQL Managed Instance offers built-in availability by deploying multiple replicas in the same zone. For higher availability, use a zone-redundant configuration that spreads replicas across three Azure availability zones, each with independent power, cooling, and networking.
   potentialBenefits: Enhanced availability and reliability
   pgVerified: false
   publishedToLearn: false
-  automationAvailable: false
+  automationAvailable: True
   tags: null
   learnMoreLink:
     - name: High availability through zone-redundancy
@@ -19,16 +19,16 @@
 - description: Use Zone-redundant or Geo-zone-redundant Backup storage redundancy
   aprlGuid: 15e2712c-f3ea-4a8d-9081-11e822b1ccfb
   recommendationTypeId: null
-  recommendationControl: High Availability
+  recommendationControl: Disaster Recovery
   recommendationImpact: High
   recommendationResourceType: Microsoft.Sql/managedInstances
   recommendationMetadataState: Active
   longDescription: |
-    This copies your backups synchronously across three Azure availability zones in the primary region, if Geo is selected it creates 3 more copies in a secondary region.
+    Configuring zone redundancy option for backups copies your backup file synchronously across three Azure availability zones in the primary region. If Geo is selected, then it copies your data asynchronously three times to a single physical location in the paired secondary region.
   potentialBenefits: Enhanced availability and reliability
   pgVerified: false
   publishedToLearn: false
-  automationAvailable: false
+  automationAvailable: True
   tags: null
   learnMoreLink:
     - name: Backup storage redundancy
@@ -42,11 +42,11 @@
   recommendationResourceType: Microsoft.Sql/managedInstances
   recommendationMetadataState: Active
   longDescription: |
-    Redirect mode enables direct connectivity to the instance resulting in improved latency and throughput. Redirect mode applies to the VNet-local endpoint only, while the public endpoint will always default to Proxy connection mode.
+    Redirect mode enables direct connectivity to the instance bypassing the local gateway component and resulting in improved latency and throughput. Redirect mode applies to the VNet-local endpoint only, while the public and private endpoint will always operate in Proxy connection mode.
   potentialBenefits: Improved latency and throughput
   pgVerified: false
   publishedToLearn: false
-  automationAvailable: false
+  automationAvailable: True
   tags: null
   learnMoreLink:
     - name: Connection types
@@ -60,7 +60,7 @@
   recommendationResourceType: Microsoft.Sql/managedInstances
   recommendationMetadataState: Active
   longDescription: |
-    If an outage impacts one or more of the databases in the managed instance, you can manually or automatically failover all the databases inside the instance to a secondary region.
+    During an outage on the managed instance, use the failover group to switch all databases to a secondary region, either manually or automatically. Route connections to the failover group’s listener instead of the primary instance to avoid changing the connection string after geo-failover.
   potentialBenefits: Ensure seamless service with cross-region failover
   pgVerified: false
   publishedToLearn: false
@@ -78,15 +78,15 @@
   recommendationResourceType: Microsoft.Sql/servers
   recommendationMetadataState: Active
   longDescription: |
-    Monitoring and alerting are an important part of database operations. When working with Azure SQL Database, make use of Azure Monitor and SQL Insights to ensure that you capture relevant database metrics.
+    Monitoring and alerting are an important part of database operations. When working with Azure SQL Managed Instance, make use of Azure Monitor and Database watcher to ensure that you capture relevant database metrics.
   potentialBenefits: Quick incident detection and response
   pgVerified: false
   publishedToLearn: false
   automationAvailable: false
   tags: null
   learnMoreLink:
     - name:  Azure SQL Managed Instance monitoring options
-      url: "https://techcommunity.microsoft.com/t5/azure-sql/monitoring-options-available-for-azure-sql-managed-instance/ba-p/1065416"
+      url: "https://learn.microsoft.com/azure/azure-sql/managed-instance/monitoring-sql-managed-instance-azure-monitor?view=azuresql-mi"
 
 - description: Back Up Your Keys
   aprlGuid: 9fad5392-b852-4807-9b6d-3f700ff9771a