Skip to content

Instantly share code, notes, and snippets.

@kongou-ae

kongou-ae/gist:7459c120bb74a6c15a805d9cdb532d83

Created June 23, 2017 12:27
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save kongou-ae/7459c120bb74a6c15a805d9cdb532d83 to your computer and use it in GitHub Desktop.
Save kongou-ae/7459c120bb74a6c15a805d9cdb532d83 to your computer and use it in GitHub Desktop.
Download ZIP
github api
Raw
gistfile1.txt
https://api.github.com/repos/Microsoft/azure-docs/events
[
{
id: "6121971036",
type: "PushEvent",
actor: {
id: 4665434,
login: "v-alje",
display_login: "v-alje",
gravatar_id: "",
url: "https://api.github.com/users/v-alje",
avatar_url: "https://avatars.githubusercontent.com/u/4665434?"
},
repo: {
id: 72685026,
name: "Microsoft/azure-docs",
url: "https://api.github.com/repos/Microsoft/azure-docs"
},
payload: {
push_id: 1817795792,
size: 163,
distinct_size: 163,
ref: "refs/heads/FromPrivateRepo",
head: "fbaadc66374ee346a30fd2548a26429d4b6da6f2",
before: "adaaf80d29da6f3fb828f4fb483d14a9afaf7651",
commits: [
{
sha: "c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
author: {
email: "mani@mani-desktop.redmond.corp.microsoft.com",
name: "subramar@microsoft.com"
},
message: "Merge branch 'master' of https://github.com/Microsoft/azure-docs-pr",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/c8afc1dc9d48c793fd531917fea7b27cde7b14b7"
},
{
sha: "8c84ecf98b6f66e19125d72556377d64e5aaa979",
author: {
email: "cgronlun@microsoft.com",
name: "Carolyn Gronlund"
},
message: "filenaming change proposal",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/8c84ecf98b6f66e19125d72556377d64e5aaa979"
},
{
sha: "f919e01229ca0f8a9197ca6c0f375016a8fdc255",
author: {
email: "cgronlun@microsoft.com",
name: "Carolyn Gronlund"
},
message: "filename proposal update",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/f919e01229ca0f8a9197ca6c0f375016a8fdc255"
},
{
sha: "fa57b4c7cc860e90663a5d30212b7a5b09c78069",
author: {
email: "cgronlun@microsoft.com",
name: "Carolyn Gronlund"
},
message: "Merge branch 'master' of https://github.com/Microsoft/azure-docs-pr into file-naming",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/fa57b4c7cc860e90663a5d30212b7a5b09c78069"
},
{
sha: "6028ea848fd985d37a3568f452a6b90f600e9533",
author: {
email: "cgronlun@microsoft.com",
name: "Carolyn Gronlund"
},
message: "note about not going crazy on redirection",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/6028ea848fd985d37a3568f452a6b90f600e9533"
},
{
sha: "c2a034cd74046df0c62791a51052f8938faee988",
author: {
email: "cgronlun@microsoft.com",
name: "Carolyn Gronlund"
},
message: "formatting fix",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/c2a034cd74046df0c62791a51052f8938faee988"
},
{
sha: "19350da11d44d2f2d8346784fa3a6b86377a45cc",
author: {
email: "mani@mani-desktop.redmond.corp.microsoft.com",
name: "subramar@microsoft.com"
},
message: "Merge branch 'master' of https://github.com/Microsoft/azure-docs-pr",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/19350da11d44d2f2d8346784fa3a6b86377a45cc"
},
{
sha: "82b0badf07b4df973eac2ce59d23b0a2cbbe4f25",
author: {
email: "mani@mani-desktop.redmond.corp.microsoft.com",
name: "subramar@microsoft.com"
},
message: "Adding Hyper-V docs and fixing typos",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/82b0badf07b4df973eac2ce59d23b0a2cbbe4f25"
},
{
sha: "e4a127e0e58194c9c48a397e68fff66b8d0232d0",
author: {
email: "mani@mani-desktop.redmond.corp.microsoft.com",
name: "subramar@microsoft.com"
},
message: "Merge branch 'master' of https://github.com/Microsoft/azure-docs-pr",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/e4a127e0e58194c9c48a397e68fff66b8d0232d0"
},
{
sha: "b4dc6c0a3ff20b58e641a8ebdeed4af1b6d7199a",
author: {
email: "mani@mani-desktop.redmond.corp.microsoft.com",
name: "subramar@microsoft.com"
},
message: "Adding Hyper-V docs and fixing typos",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/b4dc6c0a3ff20b58e641a8ebdeed4af1b6d7199a"
},
{
sha: "b89e260d904f11aedcc4ce5d2344f96f752d9f85",
author: {
email: "mani@mani-desktop.redmond.corp.microsoft.com",
name: "subramar@microsoft.com"
},
message: "Adding Hyper-V docs and fixing typos",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/b89e260d904f11aedcc4ce5d2344f96f752d9f85"
},
{
sha: "fdd5a7e99c82e95453aee083f523d44dfcbc9840",
author: {
email: "owend@microsoft.com",
name: "Owen Duncan"
},
message: "Numerous updates for authetication and user roles",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/fdd5a7e99c82e95453aee083f523d44dfcbc9840"
},
{
sha: "025f24f3b10e669ac8ed419b011904c1127c149b",
author: {
email: "owend@microsoft.com",
name: "Owen Duncan"
},
message: "Merge branch 'master' of https://github.com/Microsoft/azure-docs-pr into aas0607",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/025f24f3b10e669ac8ed419b011904c1127c149b"
},
{
sha: "5883961e56965ddbbedfd54eb7e856b5875f00fa",
author: {
email: "owend@microsoft.com",
name: "Owen Duncan"
},
message: "Fixed acrolinx and validation issues.",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/5883961e56965ddbbedfd54eb7e856b5875f00fa"
},
{
sha: "982e6298e3125c8b10cff7671f983024de27663a",
author: {
email: "owend@microsoft.com",
name: "Owen Duncan"
},
message: "Merge branch 'master' of https://github.com/Microsoft/azure-docs-pr into aas0607",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/982e6298e3125c8b10cff7671f983024de27663a"
},
{
sha: "b57fc95d073f1d4c38ec18eb9fbca1a660dcdb28",
author: {
email: "subramar@microsoft.com",
name: "Mani Ramaswamy"
},
message: "Merge branch 'master' into master",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/b57fc95d073f1d4c38ec18eb9fbca1a660dcdb28"
},
{
sha: "90e71f37b01bed77d3f9c83b2f6baa8d450f0220",
author: {
email: "mani@mani-desktop.redmond.corp.microsoft.com",
name: "subramar@microsoft.com"
},
message: "Merge branch 'master' of https://github.com/Microsoft/azure-docs-pr",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/90e71f37b01bed77d3f9c83b2f6baa8d450f0220"
},
{
sha: "347d89b090d84141ff25de3fd1a8c0d613ea0003",
author: {
email: "mani@mani-desktop.redmond.corp.microsoft.com",
name: "subramar@microsoft.com"
},
message: "Merge branch 'master' of https://github.com/mani-ramaswamy/azure-docs-pr",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/347d89b090d84141ff25de3fd1a8c0d613ea0003"
},
{
sha: "35c57be67b4d7eb6b3713136d93a27d8d7a761b6",
author: {
email: "mani@mani-desktop.redmond.corp.microsoft.com",
name: "subramar@microsoft.com"
},
message: "Fixing indentation",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/35c57be67b4d7eb6b3713136d93a27d8d7a761b6"
},
{
sha: "246fe2a9491f4851db7c8bce3533b7813021d011",
author: {
email: "owend@microsoft.com",
name: "Owen Duncan"
},
message: "Adding authenticationa and roles content",
distinct: true,
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/246fe2a9491f4851db7c8bce3533b7813021d011"
}
]
},
public: true,
created_at: "2017-06-22T22:11:38Z",
org: {
id: 6154722,
login: "Microsoft",
gravatar_id: "",
url: "https://api.github.com/orgs/Microsoft",
avatar_url: "https://avatars.githubusercontent.com/u/6154722?"
}
},
https://api.github.com/repos/Microsoft/azure-docs/commits/c8afc1dc9d48c793fd531917fea7b27cde7b14b7
{
sha: "c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
commit: {
author: {
name: "subramar@microsoft.com",
email: "mani@mani-desktop.redmond.corp.microsoft.com",
date: "2017-05-25T20:04:29Z"
},
committer: {
name: "subramar@microsoft.com",
email: "mani@mani-desktop.redmond.corp.microsoft.com",
date: "2017-05-25T20:04:29Z"
},
message: "Merge branch 'master' of https://github.com/Microsoft/azure-docs-pr",
tree: {
sha: "d498bd12b4f1431d064598d71d9486ebb59d02c6",
url: "https://api.github.com/repos/Microsoft/azure-docs/git/trees/d498bd12b4f1431d064598d71d9486ebb59d02c6"
},
url: "https://api.github.com/repos/Microsoft/azure-docs/git/commits/c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
comment_count: 0
},
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
html_url: "https://github.com/Microsoft/azure-docs/commit/c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
comments_url: "https://api.github.com/repos/Microsoft/azure-docs/commits/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/comments",
author: null,
committer: null,
parents: [
{
sha: "0dd8463992118f11e1a6f370e1a24f166b1f5679",
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/0dd8463992118f11e1a6f370e1a24f166b1f5679",
html_url: "https://github.com/Microsoft/azure-docs/commit/0dd8463992118f11e1a6f370e1a24f166b1f5679"
},
{
sha: "7392147f51ca0875197216ce1989f4572a6bd2ff",
url: "https://api.github.com/repos/Microsoft/azure-docs/commits/7392147f51ca0875197216ce1989f4572a6bd2ff",
html_url: "https://github.com/Microsoft/azure-docs/commit/7392147f51ca0875197216ce1989f4572a6bd2ff"
}
],
stats: {
total: 1253,
additions: 515,
deletions: 738
},
files: [
{
sha: "a1f7d445d115e0c589e8c96362e84b1b84ee1a76",
filename: "articles/active-directory/TOC.md",
status: "modified",
additions: 3,
deletions: 1,
changes: 4,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/active-directory/TOC.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/active-directory/TOC.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/active-directory/TOC.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -5,6 +5,7 @@ ## [Understand Azure identity solutions](understand-azure-identity-solutions.md) ## [Preview the Azure portal experience](active-directory-preview-explainer.md) + # Get started ## [Get an Azure AD tenant](active-directory-howto-tenant.md) ## [Sign up for Azure AD Premium](active-directory-get-started-premium.md) @@ -14,7 +15,8 @@ ### [Classic portal](active-directory-licensing-what-is.md) ## [Get Azure for your organization](sign-up-organization.md) ## [FAQs](active-directory-faq.md) -## [SaaS app tutorials](active-directory-saas-tutorial-list.md) +## [How to get support for Azure Active Directory](active-directory-troubleshooting-support-howto.md) +## [SaaS app integration tutorials](active-directory-saas-tutorial-list.md) # How to ## Plan and design"
},
{
sha: "a1d62c9934054aa42491ad14573042232dbee7d2",
filename: "articles/active-directory/active-directory-troubleshooting-support-howto.md",
status: "added",
additions: 53,
deletions: 0,
changes: 53,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/active-directory/active-directory-troubleshooting-support-howto.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/active-directory/active-directory-troubleshooting-support-howto.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/active-directory/active-directory-troubleshooting-support-howto.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -0,0 +1,53 @@ +--- +title: 'How to get support for Azure Active Directory | Microsoft Docs' +description: How to get support for Azure Active Directory +services: active-directory +documentationcenter: na +author: curtand +manager: femila +editor: '' + +ms.assetid: +ms.service: active-directory +ms.devlang: na +ms.topic: article +ms.tgt_pltfrm: na +ms.workload: identity +ms.date: 05/19/2017 +ms.author: curtand + +--- +# How to get support for Azure Active Directory + +Azure Active Directory (Azure AD) customer support is included in Microsoft Azure trial or paid subscriptions. + +## Find help without opening a support ticket + +Before creating a support ticket, check out the following resources for answers and information. + +* For content such as how-to info or code samples for IT professionals and developers, see the [technical documentation at docs.microsoft.com](https://docs.microsoft.com/azure/active-directory/) + +* The [Microsoft Tech Community](https://techcommunity.microsoft.com/) is the place for our IT pro partners and customers to collaborate, share, and learn. The [Microsoft Tech Community Info Center](https://techcommunity.microsoft.com/t5/Community-Info-Center/ct-p/Community-Info-Center) is used for announcements, blog posts, ask-me-anything (AMA) interactions with experts, and more. You can also [join the community to submit your ideas](https://techcommunity.microsoft.com/t5/Communities/ct-p/communities). + + +## Open a support ticket + +If you are unable to find answers by using self-help resources, you can open an online support ticket. Please limit each support ticket to a single issue so that we can connect you to support engineers who are the subject matter experts for your issue. Also, Azure Active Directory engineering teams prioritize their work based on incidents that are generated, so you're often contributing to service improvements. + +### How to open a support ticket + +1. Sign in to [the Azure portal](https://portal.azure.com) and open **Azure Active Directory**. +2. Scroll down to **Troubleshooting + Support** and select **New support request** +3. On the **Basics** blade, for **Issue type**, select **Technical**. +4. For **Service**, select **Azure Active Directory**, and then select **Next**. +5. On the **Problem** blade, select a Severity (linked to [Support scope and responsiveness](https://azure.microsoft.com/support/plans/response/)). +6. Select a **Problem type**, and then select a **Category** for that type. At this point, you'll also be offered self-help information for your problem category. +7. Add the rest of your problem information and click **Next**. +8. Provide your contact information and select **Create**. + ![problem category self-help screenshot](./media/active-directory-troubleshooting-support-howto/open-support-ticket.png) + +## Next steps + +* [Microsoft Tech Community](https://techcommunity.microsoft.com/) + +* [Technical documentation at docs.microsoft.com](https://docs.microsoft.com/azure/active-directory/)"
},
{
sha: "e4ae4d099819746160a70e79fb673f32fbae389e",
filename: "articles/active-directory/application-access-panel-extension-problem-installing.md",
status: "modified",
additions: 2,
deletions: 2,
changes: 4,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/active-directory/application-access-panel-extension-problem-installing.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/active-directory/application-access-panel-extension-problem-installing.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/active-directory/application-access-panel-extension-problem-installing.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -71,11 +71,11 @@ The prerequisites include: - You must have the "Edit settings" permission to edit the Group Policy Object (GPO). By default, members of the following security groups have this permission: Domain Administrators, Enterprise Administrators, and Group Policy Creator Owners. [Learn more](https://technet.microsoft.com/library/cc781991%28v=ws.10%29.aspx). -Follow the tutorial [How to Deploy the Access Panel Extension for Internet Explorer using Group Policy](https://docs.microsoft.com/azure/active-directory/active-directory-saas-ie-group-policy) for step by step instructions on how to configure the group policy and deploy it to users. +Follow the tutorial [How to Deploy the Access Panel Extension for Internet Explorer using Group Policy](active-directory-saas-ie-group-policy.md) for step by step instructions on how to configure the group policy and deploy it to users. ## Troubleshoot the Access Panel in Internet Explorer -Follow the [Troubleshoot the Access Panel Extension for Internet Explorer](https://docs.microsoft.com/azure/active-directory/active-directory-saas-ie-Troubleshoot) guide for access a diagnostics tool and step by step instructions on configuring the extension for IE. +Follow the [Troubleshoot the Access Panel Extension for Internet Explorer](active-directory-saas-ie-troubleshooting.md) guide for access a diagnostics tool and step by step instructions on configuring the extension for IE. ## If these troubleshooting steps do not resolve the issue "
},
{
sha: "5537a8f6d25676d107104dcb45cc26ebca05ce6c",
filename: "articles/active-directory/develop/active-directory-devquickstarts-openidconnect-nodejs.md",
status: "modified",
additions: 1,
deletions: 2,
changes: 3,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/active-directory/develop/active-directory-devquickstarts-openidconnect-nodejs.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/active-directory/develop/active-directory-devquickstarts-openidconnect-nodejs.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/active-directory/develop/active-directory-devquickstarts-openidconnect-nodejs.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -139,8 +139,7 @@ Here, we configure Express to use the OpenID Connect authentication protocol. P ``` Passport uses a similar pattern for all its strategies (Twitter, Facebook, and so on) that all strategy writers adhere to. Looking at the strategy, you see that we pass it a function that has a token and a done as the parameters. The strategy comes back to us after it does its work. Then we want to store the user and stash the token so we don't need to ask for it again. - > [!IMPORTANT] - > The previous code takes any user that happens to authenticate to our server. This is known as auto-registration. We recommend that you don't let anyone authenticate to a production server without first having them register via a process that you decide on. This is usually the pattern you see in consumer apps, which allow you to register with Facebook but then ask you to provide additional information. If this weren't a sample application, we could have extracted the user's email address from the token object that is returned and then asked the user to fill out additional information. Because this is a test server, we add them to the in-memory database. +[!IMPORTANT] The previous code takes any user that happens to authenticate to our server. This is known as auto-registration. We recommend that you don't let anyone authenticate to a production server without first having them register via a process that you decide on. This is usually the pattern you see in consumer apps, which allow you to register with Facebook but then ask you to provide additional information. If this weren't a sample application, we could have extracted the user's email address from the token object that is returned and then asked the user to fill out additional information. Because this is a test server, we add them to the in-memory database. 4. Next, let's add the methods that enable us to track the signed-in users as required by Passport. These methods include serializing and deserializing the user's information."
},
{
sha: "aff12ad20ded58e5280c590fff4fb2a4fcf86304",
filename: "articles/active-directory/media/active-directory-troubleshooting-support-howto/open-support-ticket.png",
status: "added",
additions: 0,
deletions: 0,
changes: 0,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/active-directory/media/active-directory-troubleshooting-support-howto/open-support-ticket.png",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/active-directory/media/active-directory-troubleshooting-support-howto/open-support-ticket.png",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/active-directory/media/active-directory-troubleshooting-support-howto/open-support-ticket.png?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7"
},
{
sha: "86cbce174f575aa50983b72f1473e74e2b3be35c",
filename: "articles/azure-functions/index.yml",
status: "modified",
additions: 3,
deletions: 1,
changes: 4,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/azure-functions/index.yml",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/azure-functions/index.yml",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/azure-functions/index.yml?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -77,5 +77,7 @@ sections: items: - title: Command-Line html: <p><a href="/cli/azure">Azure CLI</a></p> + - title: REST + html: <p><a href="/azure/azure-functions/functions-api-definition">OpenAPI</a></p> - title: Bindings - html: <p><a href="/azure/azure-functions/functions-bindings-timer">Cosmos DB bindings</p><p><a href="/azure/azure-functions/functions-bindings-twilio">Twilio output binding</p> + html: <p><a href="/azure/azure-functions/functions-bindings-storage-blob">Blob storage</a></p><p><a href="/azure/azure-functions/functions-bindings-timer">Cosmos DB</a></p><p><a href="/azure/azure-functions/functions-bindings-event-hubs">Event Hub</a></p><p><a href="/azure/azure-functions/functions-bindings-external-file">External file</a></p><p><a href="/azure/azure-functions/functions-bindings-http-webhook">HTTP and webhooks</a></p><p><a href="/azure/azure-functions/functions-bindings-mobile-apps">Mobile Apps</a></p><p><a href="/azure/azure-functions/functions-bindings-notification-hubs">Notification Hubs</a></p><p><a href="/azure/azure-functions/functions-bindings-storage-queue">Queue storage</a></p><p><a href="/azure/azure-functions/functions-bindings-sendgrid">SendGrid</a></p><p><a href="/azure/azure-functions/functions-bindings-service-bus">Service Bus</a></p><p><a href="/azure/azure-functions/functions-bindings-storage-table">Table storage</a></p><p><a href="/azure/azure-functions/functions-bindings-timer">Timer</a></p><p><a href="/azure/azure-functions/functions-bindings-twilio">Twilio output binding</a></p> \ No newline at end of file"
},
{
sha: "43fc42fd4392d08e53ac4d5a8e80d2e9b3ca7cdd",
filename: "articles/azure-resource-manager/TOC.md",
status: "modified",
additions: 0,
deletions: 1,
changes: 1,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/azure-resource-manager/TOC.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/azure-resource-manager/TOC.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/azure-resource-manager/TOC.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -64,7 +64,6 @@ #### [Portal](resource-group-create-service-principal-portal.md) ### [Authentication API to access subscriptions](resource-manager-api-authentication.md) ### [Lock resources](resource-group-lock-resources.md) -### [Security considerations](best-practices-resource-manager-security.md) ## Set resource policies ### [What are resource policies?](resource-manager-policy.md)"
},
{
sha: "baf7d64f7e16068c0c718f556af41e9597b469c4",
filename: "articles/azure-resource-manager/best-practices-resource-manager-design-templates.md",
status: "modified",
additions: 0,
deletions: 1,
changes: 1,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/azure-resource-manager/best-practices-resource-manager-design-templates.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/azure-resource-manager/best-practices-resource-manager-design-templates.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/azure-resource-manager/best-practices-resource-manager-design-templates.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -343,7 +343,6 @@ If you want to publish your template to the marketplace, you establish distinct **Adapting a solution scoped template for the marketplace** ## Next steps -* For recommendations about how to handle security in Azure Resource Manager, see [Security considerations for Azure Resource Manager](best-practices-resource-manager-security.md) * To learn about sharing state into and out of templates, see [Sharing state in Azure Resource Manager templates](best-practices-resource-manager-state.md). * For guidance on how enterprises can use Resource Manager to effectively manage subscriptions, see [Azure enterprise scaffold - prescriptive subscription governance](resource-manager-subscription-governance.md). "
},
{
sha: "2b7680465610d93245d631c8acb1e1959be0dd97",
filename: "articles/azure-resource-manager/best-practices-resource-manager-security.md",
status: "modified",
additions: 2,
deletions: 393,
changes: 395,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/azure-resource-manager/best-practices-resource-manager-security.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/azure-resource-manager/best-practices-resource-manager-security.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/azure-resource-manager/best-practices-resource-manager-security.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -1,394 +1,3 @@ --- -title: Security considerations for Resource Manager | Microsoft Docs -description: Shows recommended approaches in Azure Resource Manager for securing resources with keys and secrets, role-based access control and network security groups. -services: azure-resource-manager -documentationcenter: '' -author: george-moore -manager: georgem -editor: tysonn - -ms.assetid: c862e9c7-276b-46bf-bc0a-11868ac11459 -ms.service: azure-resource-manager -ms.workload: multiple -ms.tgt_pltfrm: na -ms.devlang: na -ms.topic: article -ms.date: 08/01/2016 -ms.author: georgem;tomfitz - ---- -# Security considerations for Azure Resource Manager -When looking at aspects of security for your Azure Resource Manager templates, there are several areas to consider – keys and secrets, role-based access control, -and network security groups. - -This topic assumes you are familiar with Role-Based Access Control (RBAC) in Azure Resource Manager. For more information, see -[Azure Role-based Access Control](../active-directory/role-based-access-control-configure.md). - -This topic is part of a larger whitepaper. To read the full paper, download [World Class ARM Templates Considerations and Proven Practices](http://download.microsoft.com/download/8/E/1/8E1DBEFA-CECE-4DC9-A813-93520A5D7CFE/World Class ARM Templates - Considerations and Proven Practices.pdf). - -## Secrets and certificates -Azure Virtual Machines, Azure Resource Manager and Azure Key Vault are fully integrated to provide support for the secure handling of certificates which are -to be deployed in the VM. Utilizing Azure Key Vault with Resource Manager to orchestrate and store VM secrets and certificates is a best practice and -provides the following advantages: - -* The templates only contain URI references to the secrets, which means the actual secrets are not in code, configuration or source code repositories. This prevents - key phishing attacks on internal or external repos, such as harvest-bots in GitHub. -* Secrets stored in the Key Vault are under full RBAC control of a trusted operator. If the trusted operator leaves the company or transfers within the - company to a new group, they no longer have access to the keys they created in the Vault. -* Full compartmentalization of all assets: - * the templates to deploy the keys - * the templates to deploy a VM with references to the keys - * the actual key materials in the Vault. - Each template (and action) can be under different RBAC roles for full separation of duties. -* The loading of secrets into a VM at deployment time occurs via direct channel between the Azure Fabric and the Key Vault within the confines of the Microsoft - datacenter. Once the keys are in the Key Vault, they never see 'daylight' over an untrusted channel outside of the datacenter. -* Key Vaults are always regional, so the secrets always have locality (and sovereignty) with the VMs. There are no global Key Vaults. - -### Separation of keys from deployments -A best practice is to maintain separate templates for: - -1. Creation of vaults (which will contain the key material) -2. Deployment of the VMs (with URI references to the keys contained in the vaults) - -A typical enterprise scenario is to have a small group of Trusted Operators who have access to critical secrets within the deployed workloads, with a broader group -of dev/ops personnel who can create or update VM deployments. Below is an example ARM template which creates and configures a new vault in the context -of the currently authenticated user's identity in Azure Active Directory. This user would have the default permission to create, delete, list, update, backup, -restore, and get the public half of keys in this new key vault. - -While most of the fields in this template should be self-explanatory, the **enableVaultForDeployment** setting deserves more background: vaults do not have any default -standing access by any other Azure infrastructure component. By setting this value, it allows the Azure Compute infrastructure components read-only access to this -specific named vault. Therefore, a further best practice is to not comingle corporate sensitive data in the same vault as virtual machine secrets. - - { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "keyVaultName": { - "type": "string", - "metadata": { - "description": "Name of the Vault" - } - }, - "location": { - "type": "string", - "allowedValues": ["East US", "West US", "West Europe", "East Asia", "South East Asia"], - "metadata": { - "description": "Location of the Vault" - } - }, - "tenantId": { - "type": "string", - "metadata": { - "description": "Tenant Id of the subscription. Get using Get-AzureSubscription cmdlet or Get Subscription API" - } - }, - "objectId": { - "type": "string", - "metadata": { - "description": "Object Id of the AD user. Get using Get-AzureADUser cmdlet" - } - }, - "skuName": { - "type": "string", - "allowedValues": ["Standard", "Premium"], - "metadata": { - "description": "SKU for the vault" - } - }, - "enableVaultForDeployment": { - "type": "bool", - "allowedValues": [true, false], - "metadata": { - "description": "Specifies if the vault is enabled for a VM deployment" - } - } - }, - "resources": [{ - "type": "Microsoft.KeyVault/vaults", - "name": "[parameters('keyVaultName')]", - "apiVersion": "2014-12-19-preview", - "location": "[parameters('location')]", - "properties": { - "enabledForDeployment": "[parameters('enableVaultForDeployment')]", - "tenantid": "[parameters('tenantId')]", - "accessPolicies": [{ - "tenantId": "[parameters('tenantId')]", - "objectId": "[parameters('objectId')]", - "permissions": { - "secrets": ["all"], - "keys": ["all"] - } - }], - "sku": { - "name": "[parameters('skuName')]", - "family": "A" - } - } - }] - } - -Once the vault is created, the next step is to reference that vault in the deployment template of a new VM. As mentioned above, a best practice is to have a -different dev/ops group manage VM deployments, with that group having no direct access to the keys as stored in the vault. - -The below template fragment would be composed into higher order deployment constructs, each safely and securely referencing highly-sensitive secrets which are not -under the direct control of the operator. - - "vaultName": { - "type": "string", - "metadata": { - "description": "Name of Key Vault that has a secret" - } - }, - { - "apiVersion": "2015-05-01-preview", - "type": "Microsoft.Compute/virtualMachines", - "name": "[parameters('vmName')]", - "location": "[parameters('location')]", - "properties": { - "osProfile": { - "secrets": [{ - "sourceVault": { - "id": "[resourceId('vaultrg', 'Microsoft.KeyVault/vaults', 'kayvault')]" - }, - "vaultCertificates": [{ - "certificateUrl": "[parameters('secretUrlWithVersion')]", - "certificateStore": "My" - }] - }] - } - } - } - -To pass a value from a key vault as a parameter during deployment of a template, see [Pass secure values during deployment](resource-manager-keyvault-parameter.md). - -## Service principals for cross-subscription interactions -Service identities are represented by service principals in Active Directory. Service principals will be at the center of enabling key scenarios for Enterprise IT organizations, System Integrators (SI), and Cloud Service Vendors (CSV). Specifically, there will be use cases where one of these organizations will need to interact with the subscription of one of their customers. - -Your organization could provide an offering that will monitor a solution deployed in your customers environment and subscription. In this case, you will need to -get access to logs and other data within a customers account so that you can utilize it in your monitoring solution. If you're a corporate IT organization, a systems integrator, you may provide an offering to a customer where you will deploy and manage a capability for them, -such as a data analytics platform, where the offering resides in the customers own subscription. - -In these use cases, your organization would require an identity that could be given access to perform these actions within the context of a customer subscription. - -These scenarios bring with them a certain set of considerations for your customer: - -* For security reasons, access may need to be scoped to certain types of actions, e.g. read only access. -* As deployed resources are provided at a cost, there may be similar constraints on access required for financial reasons. -* For security reasons, access may need to be scoped only to a specific resource (storage accounts) or resources (resource group containing an environment or solution) -* As a relationship with a vendor may change, the customer will want to have the ability to enable/disable access to SI or CSV -* As actions against this account having billing implications, the customer desires support for auditability and accountability for billing. -* From a compliance perspective, the customer will want to be able to audit your behavior within their environment - -A combination of a service principal and RBAC can be used to address these requirements. - -## Network security groups -Many scenarios will have requirements that specify how traffic to one or more VM instances in your virtual network is controlled. You can use a Network Security -Group (NSG) to do this as part of an ARM template deployment. - -A network security group is a top-level object that is associated with your subscription. An NSG contains access control rules that allow or deny traffic to -VM instances. The rules of an NSG can be changed at any time, and changes are applied to all associated instances. To use an NSG, you must have a virtual network -that is associated with a region (location). NSGs are not compatible with virtual networks that are associated with an affinity group. If you don’t have a -regional virtual network and you want to control traffic to your endpoints, please see [About Network Access Control Lists (ACLs)](../virtual-network/virtual-networks-acl.md). - -You can associate an NSG with a VM, or to a subnet within a virtual network. When associated with a VM, the NSG applies to all the traffic that is sent and -received by the VM instance. When applied to a subnet within your virtual network, it applies to all the traffic that is sent and received by all the VM instances -in the subnet. A VM or subnet can be associated with only 1 NSG, but each NSG can contain up to 200 rules. You can have 100 NSGs per subscription. - -> [!NOTE] -> Endpoint-based ACLs and network security groups are not supported on the same VM instance. If you want to use an NSG and have an endpoint ACL already in place, first remove the endpoint ACL. For information about how to do this, see [Managing Access Control Lists (ACLs) for Endpoints by using PowerShell](../virtual-network/virtual-networks-acl-powershell.md). -> -> - -### How network security groups work -Network security groups are different than endpoint-based ACLs. Endpoint ACLs work only on the public port that is exposed through the Input endpoint. An -NSG works on one or more VM instances and controls all the traffic that is inbound and outbound on the VM. - -A network security group has a *Name*, is associated with a *Region* (one of the supported Azure locations), and has a descriptive label. It contains two types of -rules, Inbound and Outbound. The Inbound rules are applied on the incoming packets to a VM and the Outbound rules are applied to the outgoing packets from the VM. -The rules are applied at the server machine where the VM is located. An incoming or outgoing packet must match an Allow rule to be permitted; otherwise, it’s dropped. - -Rules are processed in the order of priority. For example, a rule with a lower priority number such as 100 is processed before rules with a higher priority numbers -such as 200. Once a match is found, no more rules are processed. - -A rule specifies the following: - -* Name: A unique identifier for the rule -* Type: Inbound/Outbound -* Priority: An integer between 100 and 4096 (rules processed from low to high) -* Source IP Address: CIDR of source IP range -* Source Port Range: An integer or range between 0 and 65536 -* Destination IP Range: CIDR of the destination IP Range -* Destination Port Range: An integer or range between 0 and 65536 -* Protocol: TCP, UDP or ‘\*’ -* Access: Allow/Deny - -### Default rules -An NSG contains default rules. The default rules can't be deleted, but because they are assigned the lowest priority, they can be overridden by the rules that -you create. The default rules describe the default settings recommended by the platform. As illustrated by the default rules below, traffic originating and ending -in a virtual network is allowed both in Inbound and Outbound directions. - -While connectivity to the Internet is allowed for outbound direction, it is by default blocked for inbound direction. A default rule allows the Azure load balancer -to probe the health of a VM. You can override this rule if the VM or set of VMs under the NSG does not participate in the load balanced set. - -The default rules are shown in the tables below. - -**Inbound default rules** - -| Name | Priority | Source IP | Source Port | Destination IP | Destination Port | Protocol | Access | -| --- | --- | --- | --- | --- | --- | --- | --- | -| ALLOW VNET INBOUND |65000 |VIRTUAL_NETWORK |\* |VIRTUAL_NETWORK |\* |\* |ALLOW | -| ALLOW AZURE LOAD BALANCER INBOUND |65001 |AZURE_LOADBALANCER |\* |\* |\* |\* |ALLOW | -| DENY ALL INBOUND |65500 |\* |\* |\* |\* |\* |DENY | - -**Outbound default rules** - -| Name | Priority | Source IP | Source Port | Destination IP | Destination Port | Protocol | Access | -| --- | --- | --- | --- | --- | --- | --- | --- | -| ALLOW VNET OUTBOUND |65000 |VIRTUAL_NETWORK |\* |VIRTUAL_NETWORK |\* |\* |ALLOW | -| ALLOW INTERNET OUTBOUND |65001 |\* |\* |INTERNET |\* |\* |ALLOW | -| DENY ALL OUTBOUND |65500 |\* |\* |\* |\* |\* |DENY | - -### Special infrastructure rules -NSG rules are explicit. No traffic is allowed or denied beyond what is specified in the NSG rules. However, two types of traffic are always allowed regardless of the -Network Security group specification. These provisions are made to support the infrastructure: - -* **Virtual IP of the Host Node**: Basic infrastructure services such as DHCP, DNS, and Health monitoring are provided through the virtualized host IP address - 168.63.129.16. This public IP address belongs to Microsoft and will be the only virtualized IP address used in all regions for this purpose. This IP address maps to - the physical IP address of the server machine (host node) hosting the VM. The host node acts as the DHCP relay, the DNS recursive resolver, and the probe source for the - load balancer health probe and the machine health probe. Communication to this IP address should not be considered as an attack. -* **Licensing (Key Management Service)**: Windows images running in the VMs should be licensed. To do this, a licensing request is sent to the Key Management Service - host servers that handle such queries. This will always be on outbound port 1688. - -### Default tags -Default tags are system-provided identifiers to address a category of IP addresses. Default tags can be specified in user-defined rules. - -**Default tags for NSGs** - -| Tag | Description | -| --- | --- | -| VIRTUAL_NETWORK |Denotes all of your network address space. It includes the virtual network address space (IP CIDR in Azure) as well as all connected on-premises address space (Local Networks). This also includes virtual network-to-virtual network address spaces. | -| AZURE_LOADBALANCER |Denotes the Azure Infrastructure load balancer and will translate to an Azure datacenter IP where Azure’s health probes will originate. This is needed only if the VM or set of VMs associated with the NSG is participating in a load balanced set. | -| INTERNET |Denotes the IP address space that is outside the virtual network and can be reached by public Internet. This range includes Azure-owned public IP space as well. | - -### Ports and port ranges -NSG rules can be specified on a single source or destination port, or on a port range. This approach is particularly useful when you want to open a wide range of ports -for an application, such as FTP. The range must be sequential and can't be mixed with individual port specifications. -To specify a range of ports, use the hyphen (–) character. For example, **100-500**. - -### ICMP traffic -With the current NSG rules, you can specify TCP or UDP as protocols but not ICMP. However, ICMP traffic is allowed within a virtual network by default through -the Inbound rules that support traffic from and to any port and protocol (\*) within the virtual network. - -### Associating an NSG with a VM -When an NSG is directly associated with a VM, the network access rules in the NSG are directly applied to all traffic that is destined to the VM. Whenever the NSG is -updated for rule changes, the traffic handling reflects the updates within minutes. When the NSG is disassociated from the VM, the state reverts to its -pre-NSG condition—that is, to the system defaults before the NSG was introduced. - -### Associating an NSG with a subnet -When an NSG is associated with a subnet, the network access rules in the NSG are applied to all the VMs in the subnet. Whenever the access rules in the NSG are -updated, the changes are applied to all VMs in the subnet within minutes. - -### Associating an NSG with a subnet and a VM -You can associate one NSG with a VM and another NSG with the subnet where the VM resides. This scenario is supported to provide the VM with two layers of protection. -On the inbound traffic, the packet follows the access rules specified in the subnet, followed by rules in the VM. When outbound, the packet follows the rules specified -in the VM first, then follows the rules specified in the subnet as shown below. - -![Associating an NSG to a subnet and a VM](./media/best-practices-resource-manager-security/nsg-subnet-vm.png) - -When an NSG is associated with a VM or subnet, the network access control rules become very explicit. The platform will not insert any implicit rule to allow -traffic to a particular port. In this case, if you create an endpoint in the VM, you must also create a rule to allow traffic from the Internet. If you don't do -this, the *VIP:{Port}* can't be accessed from outside. - -For example, you can create a new VM and a new NSG. You associate the NSG with the VM. The VM can communicate with other VMs in the virtual network through the -ALLOW VNET INBOUND rule. The VM can also make outbound connections to the Internet using the ALLOW INTERNET OUTBOUND rule. Later, you create an endpoint on port 80 -to receive traffic to your website running in the VM. Packets destined to port 80 on the VIP (public Virtual IP address) from the Internet will not reach the VM until -you add a rule similar to the following table to the NSG. - -**Explicit rule allowing traffic to a particular port** - -| Name | Priority | Source IP | Source Port | Destination IP | Destination Port | Protocol | Access | -| --- | --- | --- | --- | --- | --- | --- | --- | -| WEB |100 |INTERNET |* |* |80 |TCP |ALLOW | - -## User-defined routes -Azure uses a route table to decide how to forward IP traffic based on the destination of each packet. Although Azure provides a default route table based on -your virtual network settings, you may need to add custom routes to that table. - -The most common need for a custom entry in the route table is the use of a virtual appliance in your Azure environment. Take into account the scenario shown in -the Figure below. Suppose you want to ensure that all traffic directed to the mid-tier and backed subnets initiated from the front end subnet go through a -virtual firewall appliance. Simply adding the appliance to your virtual network and connecting it to the different subnets will not provide this functionality. -You must also change the routing table applied to your subnet to ensure packets are forwarded to the virtual firewall appliance. - -The same would be true if you implemented a virtual NAT appliance to control traffic between your Azure virtual network and the Internet. To ensure the virtual -appliance is used you have to create a route specifying that all traffic destined to the Internet must be forwarded to the virtual appliance. - -### Routing -Packets are routed over a TCP/IP network based on a route table defined at each node on the physical network. A route table is a collection of individual -routes used to decide where to forward packets based on the destination IP address. A route consists of the following: - -* Address Prefix. The destination CIDR to which the route applies, such as 10.1.0.0/16. -* Next hop type. The type of Azure hop the packet should be sent to. Possible values are: - * Local. Represents the local virtual network. For instance, if you have two subnets, 10.1.0.0/16 and 10.2.0.0/16 in the same virtual network, the route for each subnet in the route table will have a next hop value of Local. - * VPN Gateway. Represents an Azure S2S VPN Gateway. - * Internet. Represents the default Internet gateway provided by the Azure Infrastructure - * Virtual Appliance. Represents a virtual appliance you added to your Azure virtual network. - * NULL. Represents a black hole. Packets forwarded to a black hole will not be forwarded at all. -* Nexthop Value. The next hop value contains the IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is *Virtual Appliance*. The next hop needs to be on the subnet (the local interface of the virtual appliance according to the network ID), not a remote subnet. - -![Routing](./media/best-practices-resource-manager-security/routing.png) - -### Default routes -Every subnet created in a virtual network is automatically associated with a route table that contains the following default route rules: - -* Local VNet Rule: This rule is automatically created for every subnet in a virtual network. It specifies that there is a direct link between the VMs in the VNet and there is no intermediate next hop. This enables the VMs on the same subnet, regardless of the network ID that the VMs exist in, to communicate with each other without requiring a default gateway address. -* On-premises Rule: This rule applies to all traffic destined to the on-premises address range and uses VPN gateway as the next hop destination. -* Internet Rule: This rule handles all traffic destined to the public Internet and uses the infrastructure internet gateway as the next hop for all traffic destined to the Internet. - -### BGP routes -At the time of this writing, [ExpressRoute](../expressroute/expressroute-introduction.md) is not yet supported in the [Network Resource Provider](../virtual-network/resource-groups-networking.md) for Azure Resource Manager. If you have an ExpressRoute connection between your -on-premises network and Azure, you can enable BGP to propagate routes from your on-premises network to Azure once ExpressRoute is supported in the NRP. These -BGP routes are used in the same way as default routes and user defined routes in each Azure subnet. For more information see -[ExpressRoute Introduction](../expressroute/expressroute-introduction.md). - -> [!NOTE] -> When ExpressRoute on NRP is supported, you will be able to configure your Azure environment to use forced tunneling through your on-premises network by creating a user defined route for subnet 0.0.0.0/0 that uses the VPN gateway as the next hop. However, this only works if you are using a VPN gateway, not ExpressRoute. For ExpressRoute, forced tunneling is configured through BGP. -> -> - -### User-defined routes -You cannot view the default routes specified above in your Azure environment, and for most environments, those are the only routes you will need. -However, you may need to create a route table and add one or more routes in specific cases, such as: - -* Forced tunneling to the Internet via your on-premises network. -* Use of virtual appliances in your Azure environment. - -In the scenarios above, you will have to create a route table and add user defined routes to it. You can have multiple route tables, and the same route table can -be associated to one or more subnets. And each subnet can only be associated to a single route table. All VMs and cloud services in a subnet use the route table -associated to that subnet. - -Subnets rely on default routes until a route table is associated to the subnet. Once an association exists, routing is done based on [Longest Prefix Match (LPM)](https://en.wikipedia.org/wiki/Longest_prefix_match) -among both user defined routes and default routes. If there is more than one route with the same LPM match then a route is selected based on its origin in the following -order: - -1. User defined route -2. BGP route (when ExpressRoute is used) -3. Default route - -> [!NOTE] -> User defined routes are only applied to Azure VMs and cloud services. For instance, if you want to add a firewall virtual appliance between your on-premises network and Azure, you will have to create a user defined route for your Azure route tables that forwards all traffic going to the on-premises address space to the virtual appliance. However, incoming traffic from the on-premises address space will flow through your VPN gateway or ExpressRoute circuit straight to the Azure environment, bypassing the virtual appliance. -> -> - -### IP forwarding -As described above, one of the main reasons to create a user defined route is to forward traffic to a virtual appliance. A virtual appliance is nothing more than a -VM that runs an application used to handle network traffic in some way, such as a firewall or a NAT device. - -This virtual appliance VM must be able to receive incoming traffic that is not addressed to itself. To allow a VM to receive traffic addressed to other destinations, -you must enable IP Forwarding in the VM. - -## Next steps -* To understand how to set up security principals with the correct access to work with resources in your organization, see [Authenticating a Service Principal with Azure Resource Manager](resource-group-authenticate-service-principal.md) -* If you need to lock access to a resource, you can use management locks. See [Lock Resources with Azure Resource Manager](resource-group-lock-resources.md) -* To configure routing and IP forwarding, see [Create User Defined Routes (UDR) in Resource Manager by using a template](../virtual-network/virtual-network-create-udr-arm-template.md) -* For an overview of role-based access control, see [Role-based access control in the Microsoft Azure portal](../active-directory/role-based-access-control-configure.md) - +redirect_url: /azure/best-practices-network-security +--- \ No newline at end of file"
},
{
sha: "45cfb26e2a933826e88759c3f30250e4b32e762d",
filename: "articles/azure-resource-manager/managed-application-overview.md",
status: "modified",
additions: 6,
deletions: 2,
changes: 8,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/azure-resource-manager/managed-application-overview.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/azure-resource-manager/managed-application-overview.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/azure-resource-manager/managed-application-overview.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -10,7 +10,7 @@ ms.service: azure-resource-manager ms.devlang: na ms.topic: article ms.tgt_pltfrm: na -ms.date: 05/11/2017 +ms.date: 05/24/2017 ms.author: gauravbh; tomfitz --- @@ -30,10 +30,14 @@ There are two experiences when working with managed applications: 1. The vendor or independent software vendor (ISV) who creates a managed application, and makes it available for broader use. 2. The customer or consumer who wishes to create and use the published application. -This article covers both experiences. First, lets understand how a managed application works. +This article provides an overview of both experiences. First, lets understand how a managed application works. A managed application is similar to a marketplace solution template with one key difference. In a managed application, the resources are provisioned to a resource group that is managed by the ISV/vendor. The resource group is present in the customer's subscription, but a user, user group, or application in the ISV's tenant has access to the resource group. To manage and service the application, the vendor's identity is added to an Active Directory Owner, Contributor, Reader, or any other built-in role. +For more information about the vendor experience, see [Create and publish an Azure Managed Application](managed-application-publishing.md). + +For more information about the consumer experience, see [Consume an Azure Managed Application](managed-application-consumption.md). + ## Key concepts ### Managed resource group"
},
{
sha: "9991d447d756816f78d8ba5e03de02b3623acbf9",
filename: "articles/azure-resource-manager/resource-manager-keyvault-parameter.md",
status: "modified",
additions: 0,
deletions: 1,
changes: 1,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/azure-resource-manager/resource-manager-keyvault-parameter.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/azure-resource-manager/resource-manager-keyvault-parameter.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/azure-resource-manager/resource-manager-keyvault-parameter.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -184,6 +184,5 @@ To dynamically generate the resource ID for a key vault secret, you must move th ## Next steps * For general information about key vaults, see [Get started with Azure Key Vault](../key-vault/key-vault-get-started.md). -* For information about using a key vault with a Virtual Machine, see [Security considerations for Azure Resource Manager](best-practices-resource-manager-security.md). * For complete examples of referencing key secrets, see [Key Vault examples](https://github.com/rjmax/ArmExamples/tree/master/keyvaultexamples). "
},
{
sha: "af7c4d22e9091d960df945acc8f0a885418b4a6d",
filename: "articles/backup/index.md",
status: "modified",
additions: 15,
deletions: 5,
changes: 20,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/backup/index.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/backup/index.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/backup/index.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -5,7 +5,7 @@ services: backup author: carolz manager: carolz layout: LandingPage -ms.assetid: +ms.assetid: ms.service: backup ms.tgt_pltfrm: na ms.devlang: na @@ -73,7 +73,7 @@ Learn how to use Azure Backup in the cloud to protect data for long-term retenti </a> </li> <li> - <a href="/azure/backup/backup-azure-vms-first-look"> + <a href="/azure/backup/backup-azure-backup-server-vmware"> <div class="cardSize"> <div class="cardPadding"> <div class="card"> @@ -83,7 +83,7 @@ Learn how to use Azure Backup in the cloud to protect data for long-term retenti </div> </div> <div class="cardText"> - <h3>Get Started backing up Azure virtual machines with Azure Backup</h3> + <h3>Get Started backing up a VMware server with Azure Backup Server</h3> </div> </div> </div> @@ -138,6 +138,16 @@ Learn how to use Azure Backup in the cloud to protect data for long-term retenti </div> </div> </li> + <li> + <div class="cardSize"> + <div class="cardPadding"> + <div class="card"> + <div class="cardText"> + <h3>REST</h3> + <p><a href="/rest/api/recoveryservices">Recovery Services REST API Reference</a></p> + </div> + </div> + </div> + </div> + </li> </ul> - -"
},
{
sha: "69d33c4cec8f8abcbe79fb6635aaf09c98bc1e9f",
filename: "articles/data-lake-analytics/data-lake-analytics-get-started-portal.md",
status: "modified",
additions: 1,
deletions: 4,
changes: 5,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/data-lake-analytics/data-lake-analytics-get-started-portal.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/data-lake-analytics/data-lake-analytics-get-started-portal.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/data-lake-analytics/data-lake-analytics-get-started-portal.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -67,10 +67,7 @@ version.txt WebLog.log `` -In this tutorial, you use SearchLog.tsv. - -In practice, you either program your applications to write data into a linked storage accounts or upload data. For uploading files, see -[Upload data to Data Lake Store](data-lake-analytics-manage-use-portal.md) or [Upload data to Blob storage](data-lake-analytics-manage-use-portal.md). +This tutorial uses `SearchLog.tsv`. ## Create and submit Data Lake Analytics jobs After you have prepared the source data, you can start developing a U-SQL script. "
},
{
sha: "bd4782dedddfb8b1e291c6f8771a8194e05f93cf",
filename: "articles/dns/dns-protect-zones-recordsets.md",
status: "modified",
additions: 0,
deletions: 1,
changes: 1,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/dns/dns-protect-zones-recordsets.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/dns/dns-protect-zones-recordsets.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/dns/dns-protect-zones-recordsets.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -218,5 +218,4 @@ It is possible to use both approaches - resource locks and custom roles - at the * For more information about working with RBAC, see [Get started with access management in the Azure portal](../active-directory/role-based-access-control-what-is.md). * For more information about working with resource locks, see [Lock resources with Azure Resource Manager](../azure-resource-manager/resource-group-lock-resources.md). -* For more information about securing your Azure resources, see [Security considerations for Azure Resource Manager](../best-practices-resource-manager-security.md). "
},
{
sha: "a16509a0cee9cf0b86949e5e4e4dcfed63e7fa15",
filename: "articles/guidance/TOC.md",
status: "modified",
additions: 0,
deletions: 1,
changes: 1,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/guidance/TOC.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/guidance/TOC.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/guidance/TOC.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -64,7 +64,6 @@ ### [Microsoft cloud services and network security](..\best-practices-network-security.md) ### [Patterns for designing Azure Resource Manager templates](..\best-practices-resource-manager-design-templates.md) ### [Recommended naming conventions for Azure resources](guidance-naming-conventions.md) -### [Security considerations for Azure Resource Manager](..\best-practices-resource-manager-security.md) ### [Sharing state in Azure Resource Manager templates](..\best-practices-resource-manager-state.md) ### [Retry general guidance](..\best-practices-retry-general.md) ### [Retry service specific guidance](..\best-practices-retry-service-specific.md)"
},
{
sha: "460699d5d69dceee7400cfdecc8fd9379ec12b26",
filename: "articles/hdinsight/hdinsight-hadoop-use-pig-dotnet-sdk.md",
status: "modified",
additions: 4,
deletions: 3,
changes: 7,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/hdinsight/hdinsight-hadoop-use-pig-dotnet-sdk.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/hdinsight/hdinsight-hadoop-use-pig-dotnet-sdk.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/hdinsight/hdinsight-hadoop-use-pig-dotnet-sdk.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -1,5 +1,5 @@ --- -title: Use Hadoop Pig with .NET in HDInsight | Microsoft Docs +title: Run Apache Pig jobs with .NET SDK for Hadoop - Azure HDInsight | Microsoft Docs description: Learn how to use the .NET SDK for Hadoop to submit Pig jobs to Hadoop on HDInsight. services: hdinsight documentationcenter: .net @@ -15,14 +15,15 @@ ms.devlang: dotnet ms.topic: article ms.tgt_pltfrm: na ms.workload: big-data -ms.date: 03/03/2017 +ms.date: 05/25/2017 ms.author: larryfr --- # Run Pig jobs using the .NET SDK for Hadoop in HDInsight + [!INCLUDE [pig-selector](../../includes/hdinsight-selector-use-pig.md)] -This document provides an example of using the .NET SDK for Hadoop to submit Pig jobs to a Hadoop on HDInsight cluster. +Learn how to use the .NET SDK for Hadoop to submit Apache Pig jobs to Hadoop on Azure HDInsight. The HDInsight .NET SDK provides .NET client libraries that makes it easier to work with HDInsight clusters from .NET. Pig allows you to create MapReduce operations by modeling a series of data transformations. In this document, you learn how to use a basic C# application to submit a Pig job to an HDInsight cluster. "
},
{
sha: "0e5ae6fa2a3f8af2aa6c29a1435383a8128935ec",
filename: "articles/operations-management-suite/operations-management-suite-service-map.md",
status: "modified",
additions: 133,
deletions: 125,
changes: 258,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/operations-management-suite/operations-management-suite-service-map.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/operations-management-suite/operations-management-suite-service-map.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/operations-management-suite/operations-management-suite-service-map.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -1,6 +1,6 @@ --- -title: Service Map in Operations Management Suite (OMS) | Microsoft Docs -description: Service Map is an Operations Management Suite (OMS) solution that automatically discovers application components on Windows and Linux systems and maps the communication between services. This article provides details for deploying Service Map in your environment and using it in a variety of scenarios. +title: Use the Service Map solution in Operations Management Suite | Microsoft Docs +description: Service Map is an Operations Management Suite solution that automatically discovers application components on Windows and Linux systems and maps the communication between services. This article provides details for deploying Service Map in your environment and using it in a variety of scenarios. services: operations-management-suite documentationcenter: '' author: daveirwin1 @@ -18,230 +18,238 @@ ms.author: daseidma;bwren;dairwin --- -# Using Service Map solution in Operations Management Suite (OMS) -Service Map automatically discovers application components on Windows and Linux systems and maps the communication between services. It allows you to view your servers as you think of them – as interconnected systems that deliver critical services. Service Map shows connections between servers, processes, and ports across any TCP-connected architecture with no configuration required other than installation of an agent. +# Use the Service Map solution in Operations Management Suite +Service Map automatically discovers application components on Windows and Linux systems and maps the communication between services. With Service Map, you can view your servers in the way that you think of them: as interconnected systems that deliver critical services. Service Map shows connections between servers, processes, and ports across any TCP-connected architecture, with no configuration required other than the installation of an agent. -This article describes the details of using Service Map. For information on configuring Service Map and onboarding agents, see [Configuring Service Map solution in Operations Management Suite (OMS)](operations-management-suite-service-map-configure.md) +This article describes the details of using Service Map. For information about configuring Service Map and onboarding agents, see [Configuring Service Map solution in Operations Management Suite](operations-management-suite-service-map-configure.md). ## Use cases: Make your IT processes dependency aware ### Discovery -Service Map automatically builds a common reference map of dependencies across your servers, processes, and third-party services. It discovers and maps all TCP dependencies, identifying surprise connections, remote third-party systems you depend on, and dependencies to traditional dark areas of your network such as Active Directory. Service Map discovers failed network connections that your managed systems are attempting to make, helping you identify potential server misconfiguration, service outages, and network issues. +Service Map automatically builds a common reference map of dependencies across your servers, processes, and third-party services. It discovers and maps all TCP dependencies, identifying surprise connections, remote third-party systems you depend on, and dependencies to traditional dark areas of your network, such as Active Directory. Service Map discovers failed network connections that your managed systems are attempting to make, helping you identify potential server misconfiguration, service outage, and network issues. ### Incident management -Service Map helps eliminate the guesswork of problem isolation by showing you how systems are connected and affecting each other. In addition to failed connections, information about connected clients helps identify misconfigured load balancers, surprising or excessive load on critical services, and rogue clients such as developer machines talking to production systems. Integrated workflows with OMS Change Tracking also allow you to see whether a change event on a back-end machine or service explains the root cause of an incident. +Service Map helps eliminate the guesswork of problem isolation by showing you how systems are connected and affecting each other. In addition to identifying failed connections, it helps identify misconfigured load balancers, surprising or excessive load on critical services, and rogue clients, such as developer machines talking to production systems. By using integrated workflows with Operations Management Suite Change Tracking, you can also see whether a change event on a back-end machine or service explains the root cause of an incident. ### Migration assurance -Service Map allows you to effectively plan, accelerate, and validate Azure migrations, ensuring that nothing is left behind and there are no surprise outages. You can discover all interdependent systems that need to migrate together, assess system configuration and capacity, and identify whether a running system is still serving users or is a candidate for decommissioning instead of migration. After the move is done, you can check on client load and identity to verify that test systems and customers are connecting. If your subnet planning and firewall definitions have issues, failed connections in Service Map maps point you to the systems that need connectivity. +By using Service Map, you can effectively plan, accelerate, and validate Azure migrations, which helps ensure that nothing is left behind and surprise outages do not occur. You can discover all interdependent systems that need to migrate together, assess system configuration and capacity, and identify whether a running system is still serving users or is a candidate for decommissioning instead of migration. After the move is complete, you can check on client load and identity to verify that test systems and customers are connecting. If your subnet planning and firewall definitions have issues, failed connections in Service Map maps point you to the systems that need connectivity. ### Business continuity -If you are using Azure Site Recovery and need help defining the recovery sequence for your application environment, Service Map can automatically show you how systems rely on each other to ensure that your recovery plan is reliable. By choosing a critical server and viewing its clients, you can identify the front-end systems that should be recovered only after that critical server is restored and available. Conversely, by looking at a critical server’s back-end dependencies, you can identify those systems that must be recovered before your focus system is restored. +If you are using Azure Site Recovery and need help defining the recovery sequence for your application environment, Service Map can automatically show you how systems rely on each other to ensure that your recovery plan is reliable. By choosing a critical server and viewing its clients, you can identify which front-end systems to recover after the server is restored and available. Conversely, by looking at a critical server’s back-end dependencies, you can identify which systems to recover before your focus system is restored. ### Patch management -Service Map enhances your use of OMS System Update Assessment by showing you which other teams and servers depend on your service, so you can notify them in advance before you take down your systems for patching. Service Map also enhances patch management in OMS by showing you whether your services are available and properly connected after they are patched and restarted. +Service Map enhances your use of the Operations Management Suite System Update Assessment by showing you which other teams and servers depend on your service, so you can notify them in advance before you take down your systems for patching. Service Map also enhances patch management in Operations Management Suite by showing you whether your services are available and properly connected after they are patched and restarted. ## Mapping overview -Service Map agents gather information about all TCP-connected processes on the server where they’re installed and details about the inbound and outbound connections for each process. Using the Machine List on the left side of the Service Map solution, machines with Service Map agents can be selected to visualize their dependencies over a selected time range. Machine dependency maps focus on a specific machine, and show all the machines that are direct TCP clients or servers of that machine. +Service Map agents gather information about all TCP-connected processes on the server where they’re installed and details about the inbound and outbound connections for each process. In the machine list in the left pane, you can select machines that have Service Map agents to visualize their dependencies over a specified time range. Machine dependency maps focus on a specific machine, and they show all the machines that are direct TCP clients or servers of that machine. ![Service Map overview](media/oms-service-map/service-map-overview.png) -Machines can be expanded in the map to show the running processes with active network connections during the selected time range. When a remote machine with a Service Map agent is expanded to show process details, only those processes communicating with the focus machine are shown. The count of agentless front-end machines connecting into the focus machine is indicated on the left side of the processes they connect to. If the focus machine is making a connection to a back-end machine without an agent, that back-end server is included in a Server Port Group, along with other connections to the same port number. +Machines can be expanded in the map to show the running processes with active network connections during the selected time range. When a remote machine with a Service Map agent is expanded to show process details, only those processes that communicate with the focus machine are shown. The count of agentless front-end machines that connect into the focus machine is indicated on the left side of the processes they connect to. If the focus machine is making a connection to a back-end machine that has no agent, the back-end server is included in a Server Port Group, along with other connections to the same port number. -By default, Service Map maps show the last 30 minutes of dependency information. Using the time controls in the upper left, maps can be queried for historical time ranges, up to one-hour wide, to show how dependencies looked in the past - for example, during an incident or before a change occurred. Service Map data is stored for 30 days in paid workspaces, and for 7 days in free workspaces. +By default, Service Map maps show the last 30 minutes of dependency information. By using the time controls at the upper left, you can query maps for historical time ranges of up to one hour to show how dependencies looked in the past (for example, during an incident or before a change occurred). Service Map data is stored for 30 days in paid workspaces, and for 7 days in free workspaces. ## Status badges and border coloring -At the bottom of each server in the map can be a list of status badges conveying status information about the server. The badges indicate that there is some relevant information for the server from one of the OMS solution integrations. Clicking a badge takes you directly to the details of the status in the right panel. The currently availably status badges include Alerts, Changes, Security, and Updates. +At the bottom of each server in the map can be a list of status badges conveying status information about the server. The badges indicate that there is some relevant information for the server from one of the Operations Management Suite solution integrations. Clicking a badge takes you directly to the details of the status in the right pane. The currently available status badges include Alerts, Changes, Security, and Updates. -Based on the severity of the status badges, machine node borders can be colored red (Critical), yellow (Warning), or blue (Informational). The color represents the most severe status of any of the status badges. A gray border indicates a node with no current status indicators. +Depending on the severity of the status badges, machine node borders can be colored red (critical), yellow (warning), or blue (informational). The color represents the most severe status of any of the status badges. A gray border indicates a node that has no status indicators. ![Status badges](media/oms-service-map/status-badges.png) ## Role icons -Certain processes serve particular roles on machines: web servers, application servers, database, etc. Service Map annotates process and machine boxes with role icons to help identify at a glance the role a process or server plays. +Certain processes serve particular roles on machines: web servers, application servers, database, and so on. Service Map annotates process and machine boxes with role icons to help identify at a glance the role a process or server plays. -| Role Icon | Description | +| Role icon | Description | |:--|:--| -| ![Web server](media/oms-service-map/role-web-server.png) | Web Server | -| ![App server](media/oms-service-map/role-application-server.png) | Application Server | -| ![Database server](media/oms-service-map/role-database.png) | Database Server | -| ![LDAP server](media/oms-service-map/role-ldap.png) | LDAP Server | -| ![SMB server](media/oms-service-map/role-smb.png) | SMB Server | +| ![Web server](media/oms-service-map/role-web-server.png) | Web server | +| ![App server](media/oms-service-map/role-application-server.png) | Application server | +| ![Database server](media/oms-service-map/role-database.png) | Database server | +| ![LDAP server](media/oms-service-map/role-ldap.png) | LDAP server | +| ![SMB server](media/oms-service-map/role-smb.png) | SMB server | ![Role icons](media/oms-service-map/role-icons.png) ## Failed connections -Failed Connections are shown in Service Map maps for processes and computers, with a dashed red line showing if a client system is failing to reach a process or port. Failed connections are reported from any system with a deployed Service Map agent if that system is the one attempting the failed connection. Service Map measures this by observing TCP sockets that fail to establish a connection. This could be due to a firewall, a misconfiguration in the client or server, or a remote service being unavailable. +Failed connections are shown in Service Map maps for processes and computers, with a dashed red line indicating that a client system is failing to reach a process or port. Failed connections are reported from any system with a deployed Service Map agent if that system is the one attempting the failed connection. Service Map measures this process by observing TCP sockets that fail to establish a connection. This failure could result from a firewall, a misconfiguration in the client or server, or a remote service being unavailable. ![Failed connections](media/oms-service-map/failed-connections.png) -Understanding failed connections can help with troubleshooting, migration validation, security analysis, and overall architectural understanding. Sometimes failed connections are harmless, but they often point directly to a problem, such as a failover environment suddenly becoming unreachable, …or two application tiers not being able to talk after a cloud migration. +Understanding failed connections can help with troubleshooting, migration validation, security analysis, and overall architectural understanding. Failed connections are sometimes harmless, but they often point directly to a problem, such as a failover environment suddenly becoming unreachable, or two application tiers being unable to talk after a cloud migration. ## Client Groups -Client Groups are boxes on the map that represent client machines that do not have Dependency Agents. A single Client Group represents the clients for an individual process. +Client Groups are boxes on the map that represent client machines that do not have Dependency Agents. A single Client Group represents the clients for an individual process. -![Client groups](media/oms-service-map/client-groups.png) +![Client Groups](media/oms-service-map/client-groups.png) -To see the IP addresses of the servers in a Client Group, select the group. The contents of the group is listed in the Properties Panel. +To see the IP addresses of the servers in a Client Group, select the group. The contents of the group are listed in the **Client Group Properties** pane. -![Client group properties](media/oms-service-map/client-group-properties.png) +![Client Group properties](media/oms-service-map/client-group-properties.png) ## Server Port Groups -Server Port Groups are boxes that represent server ports on servers that do not have Dependency Agents. The box lists the server port along with a count of the number of servers with connections to that port. Expand the box to see the individual servers and connections. If there is only one server in the box, the name or IP address is listed. +Server Port Groups are boxes that represent server ports on servers that do not have Dependency Agents. The box contains the server port and a count of the number of servers with connections to that port. Expand the box to see the individual servers and connections. If there is only one server in the box, the name or IP address is listed. -![Server port groups](media/oms-service-map/server-port-groups.png) +![Server Port Groups](media/oms-service-map/server-port-groups.png) ## Context menu -Clicking the three dots in the top right of any server exposes the context menu for that server. +Clicking the ellipsis (...) at the top right of any server displays the context menu for that server. ![Failed connections](media/oms-service-map/context-menu.png) -### Load Server Map -Load Server Map navigates to a new map with the selected server as the new Focus Machine. +### Load server map +Clicking **Load Server Map** takes you to a new map with the selected server as the new focus machine. -### Show/Hide Self Links -Show Self Links redraws the server node including any self links, which are TCP connections that start and end on processes within the server. If self links are shown, the menu changes to Hide Self Links, allowing users to toggle the drawing of self links. +### Show self-links +Clicking **Show Self-Links** redraws the server node, including any self-links, which are TCP connections that start and end on processes within the server. If self-links are shown, the menu command changes to **Hide Self-Links**, so that you can turn them off. ## Computer summary -The Machine Summary panel includes an overview of a server's Operating System and dependency counts along with data from other OMS solutions, including Performance Metrics, Change Tracking, Security, Updates, etc. +The **Machine Summary** pane includes an overview of a server's operating system, dependency counts, and data from other Operations Management Suite solutions. Such data includes performance metrics, change tracking, security, and updates. -![Machine summary](media/oms-service-map/machine-summary.png) +![Machine Summary pane](media/oms-service-map/machine-summary.png) ## Computer and process properties -When navigating a Service Map map, you can select machines and processes to gain additional context about their properties. Machines provide information about DNS name, IPv4 addresses, CPU and Memory capacity, VM Type, Operating System version, Last Reboot time, and the IDs of their OMS and Service Map agents. +When you navigate a Service Map map, you can select machines and processes to gain additional context about their properties. Machines provide information about DNS name, IPv4 addresses, CPU and memory capacity, VM type, operating system and version, last reboot time, and the IDs of their Operations Management Suite and Service Map agents. -![Machine properties](media/oms-service-map/machine-properties.png) +![Machine Properties pane](media/oms-service-map/machine-properties.png) -Process details are gathered from Operating System metadata about running processes, including process name, process description, user name and domain (on Windows), company name, product name, product version, working directory, command line, and process start time. +You can gather process details from operating-system metadata about running processes, including process name, process description, user name and domain (on Windows), company name, product name, product version, working directory, command line, and process start time. -![Process properties](media/oms-service-map/process-properties.png) +![Process Properties pane](media/oms-service-map/process-properties.png) -The Process Summary panel provides additional information about that process’s connectivity, including its bound ports, inbound and outbound connections, and failed connections. +The **Process Summary** pane provides additional information about the process’s connectivity, including its bound ports, inbound and outbound connections, and failed connections. -![Process summary](media/oms-service-map/process-summary.png) +![Process Summary pane](media/oms-service-map/process-summary.png) -## OMS Alerts integration -Service Map integrates with OMS Alerts to show fired alerts for the selected server in the selected time range. The server shows an icon if there are current alerts and the Machine Alerts Panel lists the alerts +## Operations Management Suite Alerts integration +Service Map integrates with Operations Management Suite Alerts to show fired alerts for the selected server in the selected time range. The server displays an icon if there are current alerts, and the **Machine Alerts** pane lists the alerts. -![Machine Alerts Panel](media/oms-service-map/machine-alerts.png) +![Machine Alerts pane](media/oms-service-map/machine-alerts.png) -Note that for Service Map to be able to display relevant alerts, the alert rule must be created so that it fires for a specific computer. To create proper alerts: -- Include a clause to group by computer: "by Computer interval 1minute" -- Choose to alert based on Metric measurement +To enable Service Map to display relevant alerts, create an alert rule that fires for a specific computer. To create proper alerts: +- Include a clause to group by computer (for example, **by Computer interval 1minute**). +- Choose to alert based on metric measurement. ![Alert configuration](media/oms-service-map/alert-configuration.png) -## OMS Log Events integration -Service Map integrates with Log Search to show a count of all available log events for the selected server during the selected time range. You can click any row in the list of event counts to jump to Log Search and see the individual log events. +## Operations Management Suite log events integration +Service Map integrates with Log Search to show a count of all available log events for the selected server during the selected time range. You can click any row in the list of event counts to jump to Log Search and see the individual log events. -![Log events](media/oms-service-map/log-events.png) +![Machine Log Events pane](media/oms-service-map/log-events.png) -## OMS Service Desk integration -Service Map's integration with the IT Service Management Connector is automatic when both solutions are enabled and configured in your OMS workspace. The integration in Service Map is labeled "Service Desk". [For more information about how to enable and configure the ITSM Connector.](https://docs.microsoft.com/azure/log-analytics/log-analytics-itsmc-overview) +## Operations Management Suite Service Desk integration +Service Map integration with the IT Service Management Connector is automatic when both solutions are enabled and configured in your Operations Management Suite workspace. The integration in Service Map is labeled "Service Desk." For more information, see [Centrally manage ITSM work items using IT Service Management Connector](https://docs.microsoft.com/azure/log-analytics/log-analytics-itsmc-overview). -The Service Desk Panel shows a list of all IT Service Management events for the selected server in the selected time range. The server shows an icon if there are current items and the Service Desk Panel lists the items. -![Service Desk Panel](media/oms-service-map/service-desk.png) +The **Machine Service Desk** pane lists all IT Service Management events for the selected server in the selected time range. The server displays an icon if there are current items and the Machine Service Desk pane lists them. -Click "View Work Item" to open the item in your connected ITSM solution. +![Machine Service Desk pane](media/oms-service-map/service-desk.png) -Click "Show in Log Search" to view the details of the item in Log Search. +To open the item in your connected ITSM solution, click **View Work Item**. +To view the details of the item in Log Search, click **Show in Log Search**. -## OMS Change Tracking integration -Service Map's integration with Change Tracking is automatic when both solutions are enabled and configured in your OMS workspace. -The Machine Change Tracking Panel shows a list of all changes, with the most recent first, along with a link to drill into Log Search for additional details. -![Machine Change Tracking Panel](media/oms-service-map/change-tracking.png) +## Operations Management Suite Change Tracking integration +Service Map integration with Change Tracking is automatic when both solutions are enabled and configured in your Operations Management Suite workspace. -Following is a drill-down view of Configuration Change event after selecting **Show in Log Analytics**. -![Configuration Change Event](media/oms-service-map/configuration-change-event.png) +The **Machine Change Tracking** pane lists all changes, with the most recent first, along with a link to drill down to Log Search for additional details. +![Machine Change Tracking pane](media/oms-service-map/change-tracking.png) -## OMS Performance integration -The Machine Performance Panel shows standard performance metrics for the selected server. The metrics include CPU Utilization, Memory Utilization, Network Bytes Sent and Received, and a list of the top processes by Network Bytes sent and received. Note that to get the network performance data, you must also have enabled the Wire Data 2.0 solution in OMS. -![Machine Change Tracking Panel](media/oms-service-map/machine-performance.png) +The following image is a detailed view of a ConfigurationChange event that you might see after you select **Show in Log Analytics**. +![ConfigurationChange event](media/oms-service-map/configuration-change-event.png) -## OMS Security integration -Service Map's integration with Security and Audit is automatic when both solutions are enabled and configured in your OMS workspace. -The Machine Security Panel shows data from the OMS Security and Audit solution for the selected server. The panel lists a summary of any outstanding security issues for the server during the selected time range. Clicking any of the security issues drills down into a Log Search for details about the security issues. -![Machine Change Tracking Panel](media/oms-service-map/machine-security.png) +## Operations Management Suite performance integration +The **Machine Performance** pane displays standard performance metrics for the selected server. The metrics include CPU utilization, memory utilization, network bytes sent and received, and a list of the top processes by network bytes sent and received. To get the network performance data, you must also have enabled the Wire Data 2.0 solution in Operations Management Suite. +![Machine Performance pane](media/oms-service-map/machine-performance.png) -## OMS Updates integration -Service Map's integration with Update Management is automatic when both solutions are enabled and configured in your OMS workspace. -The Machine Updates Panel shows data from the OMS Update Management solution for the selected server. The panel lists a summary of any missing updates for the server during the selected time range. -![Machine Change Tracking Panel](media/oms-service-map/machine-updates.png) +## Operations Management Suite Security integration +Service Map integration with Security and Audit is automatic when both solutions are enabled and configured in your Operations Management Suite workspace. + +The **Machine Security** pane shows data from the Operations Management Suite Security and Audit solution for the selected server. The pane lists a summary of any outstanding security issues for the server during the selected time range. Clicking any of the security issues drills down into a Log Search for details about them. + +![Machine Security pane](media/oms-service-map/machine-security.png) + + +## Operations Management Suite Updates integration +Service Map integration with Update Management is automatic when both solutions are enabled and configured in your Operations Management Suite workspace. + +The **Machine Updates** pane displays data from the Operations Management Suite Update Management solution for the selected server. The pane lists a summary of any missing updates for the server during the selected time range. + +![Machine Change Tracking pane](media/oms-service-map/machine-updates.png) ## Log Analytics records -Service Map's computer and process inventory data is available for [search](../log-analytics/log-analytics-log-searches.md) in Log Analytics. This data can be applied to scenarios including migration planning, capacity analysis, discovery, and on demand performance troubleshooting. +Service Map computer and process inventory data is available for [search](../log-analytics/log-analytics-log-searches.md) in Log Analytics. You can apply this data to scenarios that include migration planning, capacity analysis, discovery, and on-demand performance troubleshooting. -One record is generated per hour for each unique computer and process in addition to records generated when a process or computer starts or is on-boarded to Service Map. These records have the properties in the following tables. The fields and values in the ServiceMapComputer_CL events map to fields of the Machine resource in the ServiceMap ARM API. The fields and values in the ServiceMapProcess_CL events map to the fields of the Process resource in the ServiceMap ARM API. The ResourceName_s field matches the name field in the corresponding ARM resource. Note - as Service Map features grow, these fields are subject to change. +One record is generated per hour for each unique computer and process, in addition to the records that are generated when a process or computer starts or is on-boarded to Service Map. These records have the properties in the following tables. The fields and values in the ServiceMapComputer_CL events map to fields of the Machine resource in the ServiceMap Azure Resource Manager API. The fields and values in the ServiceMapProcess_CL events map to the fields of the Process resource in the ServiceMap Azure Resource Manager API. The ResourceName_s field matches the name field in the corresponding Resource Manager resource. +>[!NOTE] +>As Service Map features grow, these fields are subject to change. There are internally generated properties you can use to identify unique processes and computers: -- Computer - Use ResourceId or ResourceName_s to uniquely identify a computer within an OMS Workspace. -- Process - Use ResourceId to uniquely identify a process within an OMS Workspace. ResourceName_s is unique within the context of the machine on which the process is running (MachineResourceName_s) +- Computer: Use ResourceId or ResourceName_s to uniquely identify a computer within an Operations Management Suite workspace. +- Process: Use ResourceId to uniquely identify a process within an Operations Management Suite workspace. ResourceName_s is unique within the context of the machine on which the process is running (MachineResourceName_s) -Since multiple records can exist for a given process and computer in a given time range, queries can return more than one record for the same computer or process. To include only the most recent record, add "| dedup ResourceId" to the query. +Because multiple records can exist for a specified process and computer in a specified time range, queries can return more than one record for the same computer or process. To include only the most recent record, add "| dedup ResourceId" to the query. ### ServiceMapComputer_CL records -Records with a type of **ServiceMapComputer_CL** have inventory data for servers with Service Map agents. These records have the properties in the following table: +Records with a type of *ServiceMapComputer_CL* have inventory data for servers with Service Map agents. These records have the properties in the following table: | Property | Description | |:--|:--| | Type | *ServiceMapComputer_CL* | | SourceSystem | *OpsManager* | -| ResourceId | unique identifier for machine within the workspace | -| ResourceName_s | unique identifier for machine within workspace | -| ComputerName_s | computer FQDN | -| Ipv4Addresses_s | a list of the server's IPv4 addresses | -| Ipv6Addresses_s | a list of the server's IPv6 addresses | -| DnsNames_s | array of DNS names | -| OperatingSystemFamily_s | windows or linux | -| OperatingSystemFullName_s | operating system full name | -| Bitness_s | bitness of machine (32 bit) or (64 bit) | -| PhysicalMemory_d | physical memory in MB | -| Cpus_d | number of cpus | -| CpuSpeed_d | cpu speed in MHz| -| VirtualizationState_s | "unknown", "physical", "virtual", "hypervisor" | -| VirtualMachineType_s | "hyperv", "vmware", etc. | -| VirtualMachineNativeMachineId_g | VM ID as assigned by its hypervisor | -| VirtualMachineName_s | VM name | -| BootTime_t | boot time | +| ResourceId | The unique identifier for a machine within the workspace | +| ResourceName_s | The unique identifier for a machine within the workspace | +| ComputerName_s | The computer FQDN | +| Ipv4Addresses_s | A list of the server's IPv4 addresses | +| Ipv6Addresses_s | A list of the server's IPv6 addresses | +| DnsNames_s | An array of DNS names | +| OperatingSystemFamily_s | Windows or Linux | +| OperatingSystemFullName_s | The full name of the operating system | +| Bitness_s | The bitness of the machine (32-bit or 64-bit) | +| PhysicalMemory_d | The physical memory in MB | +| Cpus_d | The number of CPUs | +| CpuSpeed_d | The CPU speed in MHz| +| VirtualizationState_s | *unknown*, *physical*, *virtual*, *hypervisor* | +| VirtualMachineType_s | *hyperv*, *vmware*, and so on | +| VirtualMachineNativeMachineId_g | The VM ID as assigned by its hypervisor | +| VirtualMachineName_s | The name of the VM | +| BootTime_t | The boot time | ### ServiceMapProcess_CL Type records -Records with a type of **ServiceMapProcess_CL** have inventory data for TCP-connected processes on servers with Service Map agents. These records have the properties in the following table: +Records with a type of *ServiceMapProcess_CL* have inventory data for TCP-connected processes on servers with Service Map agents. These records have the properties in the following table: | Property | Description | |:--|:--| | Type | *ServiceMapProcess_CL* | | SourceSystem | *OpsManager* | -| ResourceId | unique identifier for process within the workspace | -| ResourceName_s | unique identifier for process within machine on which it is running| -| MachineResourceName_s | machine resource name | -| ExecutableName_s | process executable name | -| StartTime_t | process pool start time | -| FirstPid_d | first pid in process pool | -| Description_s | process description | -| CompanyName_s | company name | -| InternalName_s | internal name | -| ProductName_s | product name | -| ProductVersion_s | product version | -| FileVersion_s | file version | -| CommandLine_s | command line | -| ExecutablePath _s | path to executable file | -| WorkingDirectory_s | working directory | -| UserName | account under which the process is executing | -| UserDomain | domain under which the process is executing | +| ResourceId | The unique identifier for a process within the workspace | +| ResourceName_s | The unique identifier for a process within the machine on which it is running| +| MachineResourceName_s | The resource name of the machine | +| ExecutableName_s | The name of the process executable | +| StartTime_t | The process pool start time | +| FirstPid_d | The first PID in the process pool | +| Description_s | The process description | +| CompanyName_s | The name of the company | +| InternalName_s | The internal name | +| ProductName_s | The name of the product | +| ProductVersion_s | The product version | +| FileVersion_s | The file version | +| CommandLine_s | The command line | +| ExecutablePath _s | The path to the executable file | +| WorkingDirectory_s | The working directory | +| UserName | The account under which the process is executing | +| UserDomain | The domain under which the process is executing | ## Sample log searches @@ -261,19 +269,19 @@ Type=ServiceMapProcess_CL CommandLine_s = \*sql\* | dedup ResourceId ### Find a machine (most recent record) by resource name Type=ServiceMapComputer_CL "m-4b9c93f9-bc37-46df-b43c-899ba829e07b" | dedup ResourceId -### Find a machine (most recent record) by ip address +### Find a machine (most recent record) by IP address Type=ServiceMapComputer_CL "10.229.243.232" | dedup ResourceId -### List all known processes on a given machine +### List all known processes on a specified machine Type=ServiceMapProcess_CL MachineResourceName_s="m-4b9c93f9-bc37-46df-b43c-899ba829e07b" | dedup ResourceId ### List all computers running SQL Type=ServiceMapComputer_CL ResourceName_s IN {Type=ServiceMapProcess_CL \*sql\* | Distinct MachineResourceName_s} | dedup ResourceId | Distinct ComputerName_s -### List of all unique product versions of curl in my datacenter +### List all unique product versions of curl in my datacenter Type=ServiceMapProcess_CL ExecutableName_s=curl | Distinct ProductVersion_s -### Create a Computer Group of all computers running CentOS +### Create a computer group of all computers running CentOS Type=ServiceMapComputer_CL OperatingSystemFullName_s = \*CentOS\* | Distinct ComputerName_s @@ -282,18 +290,18 @@ All the server, process, and dependency data in Service Map is available via the ## Diagnostic and usage data -Microsoft automatically collects usage and performance data through your use of the Service Map service. Microsoft uses this Data to provide and improve the quality, security, and integrity of the Service Map service. Data includes information about the configuration of your software like operating system and version and also includes IP address, DNS name, and Workstation name in order to provide accurate and efficient troubleshooting capabilities. We do not collect names, addresses, or other contact information. +Microsoft automatically collects usage and performance data through your use of the Service Map service. Microsoft uses this data to provide and improve the quality, security, and integrity of the Service Map service. To provide accurate and efficient troubleshooting capabilities, the data includes information about the configuration of your software, such as operating system and version, IP address, DNS name, and workstation name. Microsoft does not collect names, addresses, or other contact information. -For more information on data collection and usage, please see the [Microsoft Online Services Privacy Statement](https://go.microsoft.com/fwlink/?LinkId=512132). +For more information about data collection and usage, see the [Microsoft Online Services Privacy Statement](https://go.microsoft.com/fwlink/?LinkId=512132). ## Next steps -- Learn more about [log searches](../log-analytics/log-analytics-log-searches.md) in Log Analytics to retrieve data collected by Service Map. +Learn more about [log searches](../log-analytics/log-analytics-log-searches.md) in Log Analytics to retrieve data that's collected by Service Map. ## Troubleshooting -- See the [Troubleshooting section of the Configuring Service Map document](operations-management-suite-service-map-configure.md#troubleshooting). +See the [Troubleshooting section of the Configuring Service Map document](operations-management-suite-service-map-configure.md#troubleshooting). ## Feedback -Do you have any feedback for us about Service Map or this documentation? Please visit our [User Voice page](https://feedback.azure.com/forums/267889-log-analytics/category/184492-service-map), where you can suggest features or vote up existing suggestions. +Do you have any feedback for us about Service Map or this documentation? Visit our [User Voice page](https://feedback.azure.com/forums/267889-log-analytics/category/184492-service-map), where you can suggest features or vote up existing suggestions."
},
{
sha: "5b2ca967435955d3a4d01561945483c2951d6175",
filename: "articles/sql-database/media/sql-database-auditing-get-started/2_auditing_get_started_server_inherit.png",
status: "modified",
additions: 0,
deletions: 0,
changes: 0,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/media/sql-database-auditing-get-started/2_auditing_get_started_server_inherit.png",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/media/sql-database-auditing-get-started/2_auditing_get_started_server_inherit.png",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/media/sql-database-auditing-get-started/2_auditing_get_started_server_inherit.png?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7"
},
{
sha: "6b7f5f9ce61059792c29d4f2ddb86bdec4fbe129",
filename: "articles/sql-database/media/sql-database-auditing-get-started/3_auditing_get_started_turn_on.png",
status: "modified",
additions: 0,
deletions: 0,
changes: 0,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/media/sql-database-auditing-get-started/3_auditing_get_started_turn_on.png",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/media/sql-database-auditing-get-started/3_auditing_get_started_turn_on.png",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/media/sql-database-auditing-get-started/3_auditing_get_started_turn_on.png?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7"
},
{
sha: "43a5d58bad8e0878e5ba34b50efbae78c1032256",
filename: "articles/sql-database/media/sql-database-saas-tutorial-adhoc-analytics/adhocanalytics.png",
status: "added",
additions: 0,
deletions: 0,
changes: 0,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/media/sql-database-saas-tutorial-adhoc-analytics/adhocanalytics.png",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/media/sql-database-saas-tutorial-adhoc-analytics/adhocanalytics.png",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/media/sql-database-saas-tutorial-adhoc-analytics/adhocanalytics.png?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7"
},
{
sha: "ca5cc1f005930960ce96983b0e2d04e04875a767",
filename: "articles/sql-database/scripts/sql-database-auditing-and-threat-detection-powershell.md",
status: "modified",
additions: 2,
deletions: 2,
changes: 4,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-auditing-and-threat-detection-powershell.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-auditing-and-threat-detection-powershell.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/scripts/sql-database-auditing-and-threat-detection-powershell.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -15,13 +15,13 @@ ms.devlang: PowerShell ms.topic: article ms.tgt_pltfrm: sql-database ms.workload: database -ms.date: 05/19/2017 +ms.date: 05/23/2017 ms.author: janeng --- # Configure SQL Database auditing and threat detection using PowerShell -This sample PowerShell script configures SQL Database auditing and threat detection. To run this sample, make sure you have installed the latest [Azure PowerShell](/powershell/azure/overview). +This sample PowerShell script configures SQL Database auditing and threat detection. [!INCLUDE [sample-powershell-install](../../../includes/sample-powershell-install-no-ssh.md)] "
},
{
sha: "93c6d925efafe4d762e7b189bf9e9cf7f947349b",
filename: "articles/sql-database/scripts/sql-database-copy-database-to-new-server-powershell.md",
status: "modified",
additions: 1,
deletions: 1,
changes: 2,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-copy-database-to-new-server-powershell.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-copy-database-to-new-server-powershell.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/scripts/sql-database-copy-database-to-new-server-powershell.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -15,7 +15,7 @@ ms.devlang: PowerShell ms.topic: article ms.tgt_pltfrm: sql-database ms.workload: database -ms.date: 05/19/2017 +ms.date: 05/23/2017 ms.author: janeng --- "
},
{
sha: "c69f64089e25b1668f8df3e4712af41fc0e93fbf",
filename: "articles/sql-database/scripts/sql-database-create-and-configure-database-cli.md",
status: "modified",
additions: 4,
deletions: 0,
changes: 4,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-create-and-configure-database-cli.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-create-and-configure-database-cli.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/scripts/sql-database-create-and-configure-database-cli.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -25,6 +25,10 @@ This sample CLI script creates an Azure SQL database and configure a server-leve [!INCLUDE [sample-cli-install](../../../includes/sample-cli-install.md)] +[!INCLUDE [cloud-shell-try-it.md](../../../includes/cloud-shell-try-it.md)] + +[!INCLUDE [quickstarts-free-trial-note](../../../includes/quickstarts-free-trial-note.md)] + ## Sample script [!code-azurecli-interactive[main](../../../cli_scripts/sql-database/create-and-configure-database/create-and-configure-database.sh?highlight=9-10 "Create SQL Database")]"
},
{
sha: "60c41b7374558f3f4783a98ddc192b9628428916",
filename: "articles/sql-database/scripts/sql-database-create-and-configure-database-powershell.md",
status: "modified",
additions: 1,
deletions: 1,
changes: 2,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-create-and-configure-database-powershell.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-create-and-configure-database-powershell.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/scripts/sql-database-create-and-configure-database-powershell.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -15,7 +15,7 @@ ms.devlang: PowerShell ms.topic: article ms.tgt_pltfrm: sql-database ms.workload: database -ms.date: 05/19/2017 +ms.date: 05/23/2017 ms.author: janeng --- "
},
{
sha: "5b52833de0660fcd0d87ed3131a2bbdfcadc23fa",
filename: "articles/sql-database/scripts/sql-database-import-from-bacpac-powershell.md",
status: "modified",
additions: 1,
deletions: 1,
changes: 2,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-import-from-bacpac-powershell.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-import-from-bacpac-powershell.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/scripts/sql-database-import-from-bacpac-powershell.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -15,7 +15,7 @@ ms.devlang: PowerShell ms.topic: article ms.tgt_pltfrm: sql-database ms.workload: database -ms.date: 05/19/2017 +ms.date: 05/23/2017 ms.author: janeng --- "
},
{
sha: "f9896ae4afb3d41037a9a6c2032f96c4167005b9",
filename: "articles/sql-database/scripts/sql-database-monitor-and-scale-database-cli.md",
status: "modified",
additions: 4,
deletions: 0,
changes: 4,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-monitor-and-scale-database-cli.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-monitor-and-scale-database-cli.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/scripts/sql-database-monitor-and-scale-database-cli.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -25,6 +25,10 @@ This sample CLI script scales a single Azure SQL database to a different perform [!INCLUDE [sample-cli-install](../../../includes/sample-cli-install.md)] +[!INCLUDE [cloud-shell-try-it.md](../../../includes/cloud-shell-try-it.md)] + +[!INCLUDE [quickstarts-free-trial-note](../../../includes/quickstarts-free-trial-note.md)] + ## Sample script [!code-azurecli[main](../../../cli_scripts/sql-database/monitor-and-scale-database/monitor-and-scale-database.sh "Monitor and scale single SQL Database")]"
},
{
sha: "4a67b2b5a773c9cbef8bcf442bd0ecb914c4187f",
filename: "articles/sql-database/scripts/sql-database-monitor-and-scale-database-powershell.md",
status: "modified",
additions: 1,
deletions: 1,
changes: 2,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-monitor-and-scale-database-powershell.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-monitor-and-scale-database-powershell.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/scripts/sql-database-monitor-and-scale-database-powershell.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -15,7 +15,7 @@ ms.devlang: PowerShell ms.topic: article ms.tgt_pltfrm: sql-database ms.workload: database -ms.date: 05/19/2017 +ms.date: 05/23/2017 ms.author: janeng --- "
},
{
sha: "f12f67af3f60bd34955c01e38c387b4bad367db4",
filename: "articles/sql-database/scripts/sql-database-monitor-and-scale-pool-powershell.md",
status: "modified",
additions: 1,
deletions: 1,
changes: 2,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-monitor-and-scale-pool-powershell.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-monitor-and-scale-pool-powershell.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/scripts/sql-database-monitor-and-scale-pool-powershell.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -15,7 +15,7 @@ ms.devlang: PowerShell ms.topic: article ms.tgt_pltfrm: sql-database ms.workload: database -ms.date: 05/19/2017 +ms.date: 05/23/2017 ms.author: janeng --- "
},
{
sha: "90e19bb3d533c44f7353e70d3ce6388567ea21be",
filename: "articles/sql-database/scripts/sql-database-move-database-between-pools-cli.md",
status: "modified",
additions: 4,
deletions: 0,
changes: 4,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-move-database-between-pools-cli.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-move-database-between-pools-cli.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/scripts/sql-database-move-database-between-pools-cli.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -25,6 +25,10 @@ This sample CLI script creates two elastic pools and moves a database from one e [!INCLUDE [sample-cli-install](../../../includes/sample-cli-install.md)] +[!INCLUDE [cloud-shell-try-it.md](../../../includes/cloud-shell-try-it.md)] + +[!INCLUDE [quickstarts-free-trial-note](../../../includes/quickstarts-free-trial-note.md)] + ## Sample script [!code-azurecli-interactive[main](../../../cli_scripts/sql-database/move-database-between-pools/move-database-between-pools.sh "Move database between pools")]"
},
{
sha: "6570e7414dc5aaf5a0a9b27e597645ac31d23836",
filename: "articles/sql-database/scripts/sql-database-move-database-between-pools-powershell.md",
status: "modified",
additions: 1,
deletions: 1,
changes: 2,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-move-database-between-pools-powershell.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-move-database-between-pools-powershell.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/scripts/sql-database-move-database-between-pools-powershell.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -15,7 +15,7 @@ ms.devlang: PowerShell ms.topic: article ms.tgt_pltfrm: sql-database ms.workload: database -ms.date: 05/19/2017 +ms.date: 05/23/2017 ms.author: janeng --- "
},
{
sha: "ab7b4f57001fc54da3ec116ad440df4a8612f502",
filename: "articles/sql-database/scripts/sql-database-restore-database-powershell.md",
status: "modified",
additions: 1,
deletions: 1,
changes: 2,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-restore-database-powershell.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-restore-database-powershell.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/scripts/sql-database-restore-database-powershell.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -15,7 +15,7 @@ ms.devlang: PowerShell ms.topic: article ms.tgt_pltfrm: sql-database ms.workload: database -ms.date: 05/19/2017 +ms.date: 05/23/2017 ms.author: janeng --- "
},
{
sha: "2e9d1612267963a232f351adb83d5cb822284785",
filename: "articles/sql-database/scripts/sql-database-scale-pool-cli.md",
status: "modified",
additions: 4,
deletions: 0,
changes: 4,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-scale-pool-cli.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-scale-pool-cli.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/scripts/sql-database-scale-pool-cli.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -25,6 +25,10 @@ This sample CLI script creates elastic pools, moves pooled databases, and change [!INCLUDE [sample-cli-install](../../../includes/sample-cli-install.md)] +[!INCLUDE [cloud-shell-try-it.md](../../../includes/cloud-shell-try-it.md)] + +[!INCLUDE [quickstarts-free-trial-note](../../../includes/quickstarts-free-trial-note.md)] + ## Sample script [!code-azurecli-interactive[main](../../../cli_scripts/sql-database/scale-pool/scale-pool.sh "Move database between pools")]"
},
{
sha: "3724e9638e4fd389d43f38e2d91570e6c99d0aa2",
filename: "articles/sql-database/scripts/sql-database-setup-geodr-and-failover-database-powershell.md",
status: "modified",
additions: 1,
deletions: 1,
changes: 2,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-setup-geodr-and-failover-database-powershell.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-setup-geodr-and-failover-database-powershell.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/scripts/sql-database-setup-geodr-and-failover-database-powershell.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -15,7 +15,7 @@ ms.devlang: PowerShell ms.topic: article ms.tgt_pltfrm: sql-database ms.workload: database -ms.date: 05/19/2017 +ms.date: 05/23/2017 ms.author: janeng --- "
},
{
sha: "79164363b2eabdd9ea6a1853280557634fd9b5fa",
filename: "articles/sql-database/scripts/sql-database-setup-geodr-and-failover-pool-powershell.md",
status: "modified",
additions: 1,
deletions: 1,
changes: 2,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-setup-geodr-and-failover-pool-powershell.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-setup-geodr-and-failover-pool-powershell.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/scripts/sql-database-setup-geodr-and-failover-pool-powershell.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -15,7 +15,7 @@ ms.devlang: PowerShell ms.topic: article ms.tgt_pltfrm: sql-database ms.workload: database -ms.date: 05/19/2017 +ms.date: 05/23/2017 ms.author: janeng --- "
},
{
sha: "fa886be6dfeefd350370b13e8c6af44bbfe01b17",
filename: "articles/sql-database/scripts/sql-database-setup-geodr-failover-database-failover-group-powershell.md",
status: "modified",
additions: 1,
deletions: 1,
changes: 2,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-setup-geodr-failover-database-failover-group-powershell.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/scripts/sql-database-setup-geodr-failover-database-failover-group-powershell.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/scripts/sql-database-setup-geodr-failover-database-failover-group-powershell.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -15,7 +15,7 @@ ms.devlang: PowerShell ms.topic: article ms.tgt_pltfrm: sql-database ms.workload: database -ms.date: 05/19/2017 +ms.date: 05/23/2017 ms.author: janeng --- "
},
{
sha: "d241f50d716d20076dc2fa293194fa8eedf83f22",
filename: "articles/sql-database/sql-database-auditing.md",
status: "modified",
additions: 12,
deletions: 13,
changes: 25,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-auditing.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-auditing.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/sql-database-auditing.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -1,6 +1,6 @@ --- title: Get started with Azure SQL database auditing | Microsoft Docs -description: Get started with SQL database auditing +description: Get started with Azure SQL database auditing services: sql-database documentationcenter: '' author: giladm @@ -14,7 +14,7 @@ ms.workload: data-management ms.tgt_pltfrm: na ms.devlang: na ms.topic: article -ms.date: 7/3/2017 +ms.date: 5/25/2017 ms.author: giladm --- @@ -51,8 +51,7 @@ An auditing policy can be defined for a specific database or as a default server > [!NOTE] > You should avoid enabling both server Blob auditing and database Blob auditing together, unless: - > * You want to audit only specific database(s) on this server. - > * You need to use a different *storage account* or *retention period* for a specific database. + > * You want to use a different *storage account* or *retention period* for a specific database. > * You want to audit different event types or categories for a specific database than are being audited for the rest of the databases on this server (e.g. if table inserts need to be audited only for a specific database). > <br><br> > Otherwise, it is **recommended to only enable server-level Blob Auditing** and leave the database-level auditing disabled for all databases. @@ -122,11 +121,11 @@ There are several methods to view Blob Auditing logs: Once you have downloaded the log file locally, you can double-click the file to open, view and analyze the logs in SSMS. You can also **download multiple files simultaneously** via Azure Storage Explorer - right-click on a specific subfolder (e.g. a subfolder that includes all log files for a specific date) and choose "Save as" to save in a local folder. - + Additional methods: * After downloading several files (or an entire day, as described above), you can merge them locally as described in the SSMS **Merge Audit Files** instructions above. - + * Programmatically: * Extended Events Reader **C# library** ([more info here](https://blogs.msdn.microsoft.com/extended_events/2011/07/20/introducing-the-extended-events-reader/)) @@ -214,10 +213,10 @@ You can also configure Auditing in Azure SQL Database using the following automa [11]: ./media/sql-database-auditing-get-started/11_auditing_get_started_blob_audit_records.png [12]: ./media/sql-database-auditing-get-started/12_auditing_get_started_table_audit_records.png -[101]: https://msdn.microsoft.com/library/azure/mt603731.aspx -[102]: https://msdn.microsoft.com/library/azure/mt619329.aspx -[103]: https://msdn.microsoft.com/library/azure/mt603796.aspx -[104]: https://msdn.microsoft.com/library/azure/mt603574.aspx -[105]: https://msdn.microsoft.com/library/azure/mt603531.aspx -[106]: https://msdn.microsoft.com/library/azure/mt603794.aspx -[107]: https://msdn.microsoft.com/library/azure/mt619353.aspx +[101]: https://docs.microsoft.com/powershell/module/azurerm.sql/get-azurermsqldatabaseauditingpolicy +[102]: https://docs.microsoft.com/powershell/module/azurerm.sql/Get-AzureRMSqlServerAuditingPolicy +[103]: https://docs.microsoft.com/powershell/module/azurerm.sql/Remove-AzureRMSqlDatabaseAuditing +[104]: https://docs.microsoft.com/powershell/module/azurerm.sql/Remove-AzureRMSqlServerAuditing +[105]: https://docs.microsoft.com/powershell/module/azurerm.sql/Set-AzureRMSqlDatabaseAuditingPolicy +[106]: https://docs.microsoft.com/powershell/module/azurerm.sql/Set-AzureRMSqlServerAuditingPolicy +[107]: https://docs.microsoft.com/powershell/module/azurerm.sql/Use-AzureRMSqlServerAuditingPolicy"
},
{
sha: "b976714e9bbecdff5f5524fd644271c410292bd5",
filename: "articles/sql-database/sql-database-connect-query-dotnet.md",
status: "modified",
additions: 6,
deletions: 3,
changes: 9,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-dotnet.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-dotnet.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/sql-database-connect-query-dotnet.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -14,22 +14,25 @@ ms.workload: drivers ms.tgt_pltfrm: na ms.devlang: dotnet ms.topic: hero-article -ms.date: 05/07/2017 -ms.author: andrela;sstein;carlrab +ms.date: 05/23/2017 +ms.author: andrela --- # Azure SQL Database: Use .NET (C#) to connect and query data This quick start demonstrates how to use [C# and ADO.NET](https://msdn.microsoft.com/library/kb9s9ks0.aspx) to connect to an Azure SQL database; then use Transact-SQL statements to query, insert, update, and delete data in the database from the Windows, Mac OS, and Ubuntu Linux platforms. +## Prerequisites + This quick start uses as its starting point the resources created in one of these quick starts: - [Create DB - Portal](sql-database-get-started-portal.md) - [Create DB - CLI](sql-database-get-started-cli.md) +- [Create DB - PowerShell](sql-database-get-started-powershell.md) ## Install .NET -The steps in this section assume that you are familiar with developing using .NET and are new to working with Azure SQL Database. If you are new to developing with .NET, go the [Build an app using SQL Server](https://www.microsoft.com/en-us/sql-server/developer-get-started/) and select **C#** and then select your operating system. +The steps in this section assume that you are familiar with developing using .NET and are new to working with Azure SQL Database. If you are new to developing with .NET, go the [Build an app using SQL Server](https://www.microsoft.com/sql-server/developer-get-started/) and select **C#** and then select your operating system. ### **Windows .NET framework and .NET core** "
},
{
sha: "1cf5f5a61956b5e8abce0d4991f83249ab14c5d1",
filename: "articles/sql-database/sql-database-connect-query-java.md",
status: "modified",
additions: 5,
deletions: 2,
changes: 7,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-java.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-java.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/sql-database-connect-query-java.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -14,18 +14,21 @@ ms.workload: drivers ms.tgt_pltfrm: na ms.devlang: java ms.topic: article -ms.date: 05/07/2017 -ms.author: andrela;carlrab;sstein +ms.date: 05/23/2017 +ms.author: andrela --- # Azure SQL Database: Use Java to connect and query data This quick start demonstrates how to use [Java](https://docs.microsoft.com/sql/connect/jdbc/microsoft-jdbc-driver-for-sql-server) to connect to an Azure SQL database; then use Transact-SQL statements to query, insert, update, and delete data in the database from Mac OS, Ubuntu Linux, and Windows platforms. +## Prerequisites + This quick start uses as its starting point the resources created in one of these quick starts: - [Create DB - Portal](sql-database-get-started-portal.md) - [Create DB - CLI](sql-database-get-started-cli.md) +- [Create DB - PowerShell](sql-database-get-started-powershell.md) ## Install Java software "
},
{
sha: "54150e1dee98d81ac6bff6a9acf28f5e785735d0",
filename: "articles/sql-database/sql-database-connect-query-nodejs.md",
status: "modified",
additions: 5,
deletions: 2,
changes: 7,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-nodejs.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-nodejs.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/sql-database-connect-query-nodejs.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -14,18 +14,21 @@ ms.workload: drivers ms.tgt_pltfrm: na ms.devlang: nodejs ms.topic: article -ms.date: 05/07/2017 +ms.date: 05/24/2017 ms.author: lbosq --- # Azure SQL Database: Use Node.js to connect and query data This quick start demonstrates how to connect to an Azure SQL database using [Node.js](https://nodejs.org/en/); then use Transact-SQL statements to query, insert, update, and delete data in the database from Windows, Ubuntu Linux, and Mac platforms. -This quick start uses as its starting point the resources created in any of these guides: +## Prerequisites + +This quick start uses as its starting point the resources created in one of these quick starts: - [Create DB - Portal](sql-database-get-started-portal.md) - [Create DB - CLI](sql-database-get-started-cli.md) +- [Create DB - PowerShell](sql-database-get-started-powershell.md) ## Install Node.js "
},
{
sha: "f8fc41e33bfb5763df0718de131e539d3503f0c5",
filename: "articles/sql-database/sql-database-connect-query-php.md",
status: "modified",
additions: 5,
deletions: 2,
changes: 7,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-php.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-php.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/sql-database-connect-query-php.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -14,18 +14,21 @@ ms.workload: drivers ms.tgt_pltfrm: na ms.devlang: php ms.topic: article -ms.date: 05/07/2017 -ms.author: meetb;carlrab;sstein +ms.date: 05/24/2017 +ms.author: meetb --- # Azure SQL Database: Use PHP to connect and query data This quick start demonstrates how to use [PHP](http://php.net/manual/en/intro-whatis.php) to connect to an Azure SQL database; then use Transact-SQL statements to query, insert, update, and delete data in the database from Mac OS, Ubuntu Linux, and Windows platforms. +## Prerequisites + This quick start uses as its starting point the resources created in one of these quick starts: - [Create DB - Portal](sql-database-get-started-portal.md) - [Create DB - CLI](sql-database-get-started-cli.md) +- [Create DB - PowerShell](sql-database-get-started-powershell.md) ## Install PHP and database communications software "
},
{
sha: "bd8245248438634920b1748ac94c03fda299415e",
filename: "articles/sql-database/sql-database-connect-query-python.md",
status: "modified",
additions: 5,
deletions: 3,
changes: 8,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-python.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-python.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/sql-database-connect-query-python.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -14,18 +14,20 @@ ms.workload: drivers ms.tgt_pltfrm: na ms.devlang: python ms.topic: article -ms.date: 05/07/2017 -ms.author: meetb;carlrab;sstein - +ms.date: 05/24/2017 +ms.author: meetb --- # Azure SQL Database: Use Python to connect and query data This quick start demonstrates how to use [Python](https://python.org) to connect to an Azure SQL database; then use Transact-SQL statements to query, insert, update, and delete data in the database from Mac OS, Ubuntu Linux, and Windows platforms. +## Prerequisites + This quick start uses as its starting point the resources created in one of these quick starts: - [Create DB - Portal](sql-database-get-started-portal.md) - [Create DB - CLI](sql-database-get-started-cli.md) +- [Create DB - PowerShell](sql-database-get-started-powershell.md) ## Install the Python and database communication libraries "
},
{
sha: "28c44934cbf189aaefe9cfa6932362e96238a8e0",
filename: "articles/sql-database/sql-database-connect-query-ruby.md",
status: "modified",
additions: 5,
deletions: 2,
changes: 7,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-ruby.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-ruby.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/sql-database-connect-query-ruby.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -14,19 +14,22 @@ ms.workload: drivers ms.tgt_pltfrm: na ms.devlang: ruby ms.topic: article -ms.date: 05/07/2017 -ms.author: andrela;sstein;carlrab +ms.date: 05/24/2017 +ms.author: andrela --- # Azure SQL Database: Use Ruby to connect and query data This quick start demonstrates how to use [Ruby](https://Ruby.org) to connect to an Azure SQL database; then use Transact-SQL statements to query, insert, update, and delete data in the database from Mac OS and Ubuntu Linux platforms. +## Prerequisites + This quick start uses as its starting point the resources created in one of these quick starts: - [Create DB - Portal](sql-database-get-started-portal.md) - [Create DB - CLI](sql-database-get-started-cli.md) +- [Create DB - PowerShell](sql-database-get-started-powershell.md) ## Install Ruby and database communication libraries "
},
{
sha: "1146178cb45f38176f15de6638418eb2adaa2fe6",
filename: "articles/sql-database/sql-database-connect-query-ssms.md",
status: "modified",
additions: 13,
deletions: 7,
changes: 20,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-ssms.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-ssms.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/sql-database-connect-query-ssms.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -16,18 +16,21 @@ ms.workload: data-management ms.tgt_pltfrm: na ms.devlang: na ms.topic: hero-article -ms.date: 03/15/2017 +ms.date: 05/24/2017 ms.author: carlrab --- # Azure SQL Database: Use SQL Server Management Studio to connect and query data [SQL Server Management Studio](https://msdn.microsoft.com/library/ms174173.aspx) (SSMS) is a management tool used to create and manage SQL Server resources from the user interface or in scripts. This quick start demonstrates how to use SSMS to connect to an Azure SQL database, and then use Transact-SQL statements to query, insert, update, and delete data in the database. +## Prerequisites + This quick start uses as its starting point the resources created in one of these quick starts: - [Create DB - Portal](sql-database-get-started-portal.md) - [Create DB - CLI](sql-database-get-started-cli.md) +- [Create DB - PowerShell](sql-database-get-started-powershell.md) Before you start, make sure you have installed the newest version of [SSMS](https://msdn.microsoft.com/library/mt238290.aspx). @@ -43,7 +46,7 @@ Get the connection information needed to connect to the Azure SQL database. You 4. If you have forgotten the login information for your Azure SQL Database server, navigate to the SQL Database server page to view the server admin name and, if necessary, reset the password. -## Connect to your database in the SQL Database logical server +## Connect to your database Use SQL Server Management Studio to establish a connection to your Azure SQL Database server. @@ -54,11 +57,14 @@ Use SQL Server Management Studio to establish a connection to your Azure SQL Dat 1. Open SQL Server Management Studio. 2. In the **Connect to Server** dialog box, enter the following information: - - **Server type**: Specify Database engine - - **Server name**: Enter your fully qualified server name, such as **mynewserver20170313.database.windows.net** - - **Authentication**: Specify SQL Server Authentication - - **Login**: Enter your server admin account - - **Password**: Enter the password for your server admin account + + | Setting       | Suggested value | Description | + | ------------ | ------------------ | ------------------------------------------------- | + | **Server type** | Database engine | This value is required. | + | **Server name** | The fully qualified server name | The name should be something like this: **mynewserver20170313.database.windows.net**. | + | **Authentication** | SQL Server Authentication | SQL Authentication is the only authentication type that we have configured in this tutorial. | + | **Login** | The server admin account | This is the account that you specified when you created the server. | + | **Password** | The password for your server admin account | This is the password that you specified when you created the server. | ![connect to server](./media/sql-database-connect-query-ssms/connect.png) "
},
{
sha: "84903ec9656dc5979656bc00657422700691d46e",
filename: "articles/sql-database/sql-database-connect-query-vscode.md",
status: "modified",
additions: 13,
deletions: 12,
changes: 25,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-vscode.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-connect-query-vscode.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/sql-database-connect-query-vscode.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -16,18 +16,21 @@ ms.workload: data-management ms.tgt_pltfrm: na ms.devlang: na ms.topic: hero-article -ms.date: 04/17/2017 +ms.date: 05/24/2017 ms.author: carlrab --- # Azure SQL Database: Use Visual Studio Code to connect and query data [Visual Studio Code](https://code.visualstudio.com/docs) is a graphical code editor for Linux, macOS, and Windows that supports extensions, including the [mssql extension](https://aka.ms/mssql-marketplace) for querying Microsoft SQL Server, Azure SQL Database, and SQL Data Warehouse. This quick start demonstrates how to use Visual Studio Code to connect to an Azure SQL database, and then use Transact-SQL statements to query, insert, update, and delete data in the database. +## Prerequisites + This quick start uses as its starting point the resources created in one of these quick starts: - [Create DB - Portal](sql-database-get-started-portal.md) - [Create DB - CLI](sql-database-get-started-cli.md) +- [Create DB - PowerShell](sql-database-get-started-powershell.md) Before you start, make sure you have installed the newest version of [Visual Studio Code](https://code.visualstudio.com/Download) and loaded the [mssql extension](https://aka.ms/mssql-marketplace). For installation guidance for the mssql extension, see [Install VS Code](https://docs.microsoft.com/sql/linux/sql-server-linux-develop-use-vscode#install-vs-code) and see [mssql for Visual Studio Code](https://marketplace.visualstudio.com/items?itemName=ms-mssql.mssql). @@ -92,17 +95,15 @@ Use Visual Studio Code to establish a connection to your Azure SQL Database serv 4. Follow the prompts to specify the connection properties for the new connection profile. After specifying each value, press **ENTER** to continue. - The following table describes the Connection Profile properties. - - | Setting | Description | - |-----|-----| - | **Server name** | Enter your fully qualified server name, such as **mynewserver20170313.database.windows.net** | - | **Database name** | Enter your database name, such as **mySampleDatabase** | - | **Authentication** | Select SQL Login | - | **User name** | Enter your server admin account | - | **Password (SQL Login)** | Enter the password for your server admin account | - | **Save Password?** | Select **Yes** or **No** | - | **[Optional] Enter a name for this profile** | Enter a connection profile name, such as **mySampleDatabase**. + | Setting       | Suggested value | Description | + | ------------ | ------------------ | ------------------------------------------------- | + | **Server name | The fully qualified server name | The name should be something like this: **mynewserver20170313.database.windows.net**. | + | **Database name** | mySampleDatabase | The name of the database to which to connect. | + | **Authentication** | SQL Login| SQL Authentication is the only authentication type that we have configured in this tutorial. | + | **User name** | The server admin account | This is the account that you specified when you created the server. | + | **Password (SQL Login)** | The password for your server admin account | This is the password that you specified when you created the server. | + | **Save Password?** | Yes or No | Select Yes if you do not want to enter the password each time. | + | **Enter a name for this profile** | A profile name, such as **mySampleDatabase** | A saved profile name speeds your connection on subsequent logins. | 5. Press the **ESC** key to close the info message that informs you that the profile is created and connected. "
},
{
sha: "59f3ec911f2a12539bef1489732fdabb4010e0fb",
filename: "articles/sql-database/sql-database-design-first-database.md",
status: "modified",
additions: 88,
deletions: 74,
changes: 162,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-design-first-database.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-design-first-database.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/sql-database-design-first-database.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -15,7 +15,7 @@ ms.devlang: na ms.topic: article ms.tgt_pltfrm: na ms.workload: '' -ms.date: 05/07/2017 +ms.date: 05/24/2017 ms.author: janeng --- @@ -49,45 +49,57 @@ Follow these steps to create a blank SQL database. 2. Select **Databases** from the **New** page, and select **SQL Database** from the **Databases** page. - ![create empty-database](./media/sql-database-design-first-database/create-empty-database.png) + ![create empty-database](./media/sql-database-design-first-database/create-empty-database.png) -3. Fill out the SQL Database form with the following information, as shown on the preceding image: +3. Fill out the SQL Database form with the following information, as shown on the preceding image: - - Database name: **mySampleDatabase** - - Resource group: **myResourceGroup** - - Source: **Blank database** + | Setting       | Suggested value | Description | + | ------------ | ------------------ | ------------------------------------------------- | + | **Database name** | mySampleDatabase | For valid database names, see [Database Identifiers](https://docs.microsoft.com/sql/relational-databases/databases/database-identifiers). | + | **Subscription** | Your subscription | For details about your subscriptions, see [Subscriptions](https://account.windowsazure.com/Subscriptions). | + | **Resource group** | myResourceGroup | For valid resource group names, see [Naming rules and restrictions](https://docs.microsoft.com/azure/architecture/best-practices/naming-conventions). | + | **Select source** | Blank database | Specifies that a blank database should be created. | -4. Click **Server** to create and configure a new server for your new database. Fill out the **New server form** specifying a globally unique server name, provide a name for the Server admin login, and then specify the password of your choice. +4. Click **Server** to create and configure a new server for your new database. Fill out the **New server form** with the following information: + + | Setting       | Suggested value | Description | + | ------------ | ------------------ | ------------------------------------------------- | + | **Server name** | Any globally unique name | For valid server names, see [Naming rules and restrictions](https://docs.microsoft.com/azure/architecture/best-practices/naming-conventions). | + | **Server admin login** | Any valid name | For valid login names, see [Database Identifiers](https://docs.microsoft.com/sql/relational-databases/databases/database-identifiers).| + | **Password** | Any valid password | Your password must have at least 8 characters and must contain characters from three of the following categories: upper case characters, lower case characters, numbers, and and non-alphanumeric characters. | + | **Location** | Any valid location | For information about regions, see [Azure Regions](https://azure.microsoft.com/regions/). | + + ![create database-server](./media//sql-database-design-first-database/create-database-server.png) - ![create database-server](./media//sql-database-design-first-database/create-database-server.png) 5. Click **Select**. 6. Click **Pricing tier** to specify the service tier and performance level for your new database. For this tutorial, select **20 DTUs** and **250** GB of storage. - ![create database-s1](./media/sql-database-design-first-database/create-empty-database-pricing-tier.png) + ![create database-s1](./media/sql-database-design-first-database/create-empty-database-pricing-tier.png) 7. Click **Apply**. -8. Click **Create** to provision the database. Provisioning takes about a minute and a half to complete. +8. Select a **collation** for the blank database (for this tutorial, use the default value). For more information about collations, see [Collations](https://docs.microsoft.com/sql/t-sql/statements/collations) -9. On the toolbar, click **Notifications** to monitor the deployment process. +9. Click **Create** to provision the database. Provisioning takes about a minute and a half to complete. - ![notification](./media/sql-database-get-started-portal/notification.png) +10. On the toolbar, click **Notifications** to monitor the deployment process. + ![notification](./media/sql-database-get-started-portal/notification.png) ## Create a server-level firewall rule Azure SQL Databases are protected by a firewall. By default, all connections to the server and the databases inside the server are rejected. Follow these steps to create a [SQL Database server-level firewall rule](sql-database-firewall-configure.md) for your server to allow connections from your client's IP address. 1. After the deployment completes, click **SQL databases** from the left-hand menu and click your new database, **mySampleDatabase**, on the **SQL databases** page. The overview page for your database opens, showing you the fully qualified server name (such as **mynewserver-20170313.database.windows.net**) and provides options for further configuration. - ![server firewall rule](./media/sql-database-design-first-database/server-firewall-rule.png) + ![server firewall rule](./media/sql-database-design-first-database/server-firewall-rule.png) 2. Click **Set server firewall** on the toolbar as shown in the previous image. The **Firewall settings** page for the SQL Database server opens. 3. Click **Add client IP** on the toolbar and then click **Save**. A server-level firewall rule is created for your current IP address. - ![set server firewall rule](./media/sql-database-design-first-database/server-firewall-rule-set.png) + ![set server firewall rule](./media/sql-database-design-first-database/server-firewall-rule-set.png) 4. Click **OK** and then click the **X** to close the **Firewall settings** page. @@ -105,23 +117,25 @@ Get the fully qualified server name for your Azure SQL Database server in the Az 2. Select **SQL Databases** from the left-hand menu, and click your database on the **SQL databases** page. 3. In the **Essentials** pane in the Azure portal page for your database, locate and then copy the **Server name**. - ![connection information](./media/sql-database-connect-query-ssms/connection-information.png) + ![connection information](./media/sql-database-connect-query-ssms/connection-information.png) -## Connect to your database using SQL Server Management Studio +## Connect using Management Studio Use [SQL Server Management Studio](https://docs.microsoft.com/sql/ssms/sql-server-management-studio-ssms) to establish a connection to your Azure SQL Database server. 1. Open SQL Server Management Studio. 2. In the **Connect to Server** dialog box, enter the following information: - - **Server type**: Specify Database engine - - **Server name**: Enter your fully qualified server name, such as **mynewserver20170313.database.windows.net** - - **Authentication**: Specify SQL Server Authentication - - **Login**: Enter your server admin account - - **Password**: Enter the password for your server admin account + | Setting       | Suggested value | Description | + | ------------ | ------------------ | ------------------------------------------------- | + | Server type | Database engine | This value is required | + | Server name | The fully qualified server name | The name should be something like this: **mynewserver20170313.database.windows.net**. | + | Authentication | SQL Server Authentication | SQL Authentication is the only authentication type that we have configured in this tutorial. | + | Login | The server admin account | This is the account that you specified when you created the server. | + | Password | The password for your server admin account | This is the password that you specified when you created the server. | - <img src="./media/sql-database-connect-query-ssms/connect.png" alt="connect to server" style="width: 780px;" /> + ![connect to server](./media/sql-database-connect-query-ssms/connect.png) 3. Click **Options** in the **Connect to server** dialog box. In the **Connect to database** section, enter **mySampleDatabase** to connect to this database. @@ -156,49 +170,49 @@ The following diagram shows how these tables are related to each other. Some of ```sql -- Create Person table - CREATE TABLE Person - ( - PersonId INT IDENTITY PRIMARY KEY, - FirstName NVARCHAR(128) NOT NULL, - MiddelInitial NVARCHAR(10), - LastName NVARCHAR(128) NOT NULL, - DateOfBirth DATE NOT NULL - ) + CREATE TABLE Person + ( + PersonId INT IDENTITY PRIMARY KEY, + FirstName NVARCHAR(128) NOT NULL, + MiddelInitial NVARCHAR(10), + LastName NVARCHAR(128) NOT NULL, + DateOfBirth DATE NOT NULL + ) -- Create Student table - CREATE TABLE Student - ( - StudentId INT IDENTITY PRIMARY KEY, - PersonId INT REFERENCES Person (PersonId), - Email NVARCHAR(256) - ) - + CREATE TABLE Student + ( + StudentId INT IDENTITY PRIMARY KEY, + PersonId INT REFERENCES Person (PersonId), + Email NVARCHAR(256) + ) + -- Create Course table - CREATE TABLE Course - ( - CourseId INT IDENTITY PRIMARY KEY, - Name NVARCHAR(50) NOT NULL, - Teacher NVARCHAR(256) NOT NULL - ) + CREATE TABLE Course + ( + CourseId INT IDENTITY PRIMARY KEY, + Name NVARCHAR(50) NOT NULL, + Teacher NVARCHAR(256) NOT NULL + ) -- Create Credit table - CREATE TABLE Credit - ( - StudentId INT REFERENCES Student (StudentId), - CourseId INT REFERENCES Course (CourseId), - Grade DECIMAL(5,2) CHECK (Grade <= 100.00), - Attempt TINYINT, - CONSTRAINT [UQ_studentgrades] UNIQUE CLUSTERED - ( - StudentId, CourseId, Grade, Attempt - ) - ) + CREATE TABLE Credit + ( + StudentId INT REFERENCES Student (StudentId), + CourseId INT REFERENCES Course (CourseId), + Grade DECIMAL(5,2) CHECK (Grade <= 100.00), + Attempt TINYINT, + CONSTRAINT [UQ_studentgrades] UNIQUE CLUSTERED + ( + StudentId, CourseId, Grade, Attempt + ) + ) ``` -![Create tables](./media/sql-database-design-first-database/create-tables.png) + ![Create tables](./media/sql-database-design-first-database/create-tables.png) 3. Expand the 'tables' node in the SQL Server Management Studio Object explorer to see the tables you created. @@ -237,32 +251,32 @@ Execute the following queries to retrieve information from the database tables. ```sql -- Find the students taught by Dominick Pope who have a grade higher than 75% - SELECT person.FirstName, - person.LastName, - course.Name, - credit.Grade - FROM Person AS person - INNER JOIN Student AS student ON person.PersonId = student.PersonId - INNER JOIN Credit AS credit ON student.StudentId = credit.StudentId - INNER JOIN Course AS course ON credit.CourseId = course.courseId - WHERE course.Teacher = 'Dominick Pope' - AND Grade > 75 + SELECT person.FirstName, + person.LastName, + course.Name, + credit.Grade + FROM Person AS person + INNER JOIN Student AS student ON person.PersonId = student.PersonId + INNER JOIN Credit AS credit ON student.StudentId = credit.StudentId + INNER JOIN Course AS course ON credit.CourseId = course.courseId + WHERE course.Teacher = 'Dominick Pope' + AND Grade > 75 ``` 2. In a SQL Server Management Studio query window, execute following query: ```sql -- Find all the courses in which Noe Coleman has ever enrolled - SELECT course.Name, - course.Teacher, - credit.Grade - FROM Course AS course - INNER JOIN Credit AS credit ON credit.CourseId = course.CourseId - INNER JOIN Student AS student ON student.StudentId = credit.StudentId - INNER JOIN Person AS person ON person.PersonId = student.PersonId - WHERE person.FirstName = 'Noe' - AND person.LastName = 'Coleman' + SELECT course.Name, + course.Teacher, + credit.Grade + FROM Course AS course + INNER JOIN Credit AS credit ON credit.CourseId = course.CourseId + INNER JOIN Student AS student ON student.StudentId = credit.StudentId + INNER JOIN Person AS person ON person.PersonId = student.PersonId + WHERE person.FirstName = 'Noe' + AND person.LastName = 'Coleman' ``` ## Restore a database to a previous point in time "
},
{
sha: "22f38fd02b93171d402f0d5630a4a7c880cd5ba6",
filename: "articles/sql-database/sql-database-get-started-cli.md",
status: "modified",
additions: 10,
deletions: 8,
changes: 18,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-get-started-cli.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-get-started-cli.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/sql-database-get-started-cli.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -23,23 +23,25 @@ ms.author: carlrab The Azure CLI is used to create and manage Azure resources from the command line or in scripts. This guide details using the Azure CLI to deploy an Azure SQL database in an [Azure resource group](../azure-resource-manager/resource-group-overview.md) in an [Azure SQL Database logical server](sql-database-features.md). -To complete this quick start, make sure you have installed the latest [Azure CLI 2.0](https://docs.microsoft.com/cli/azure/install-azure-cli). +If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin. -If you don't have an Azure subscription, create a [free](https://azure.microsoft.com/free/) account before you begin. +This quick start requires the Azure CLI version 2.0.4 or later. Run `az --version` to find the version. If you need to install or upgrade, see [Install Azure CLI 2.0](/cli/azure/install-azure-cli). + +[!INCLUDE [cloud-shell-try-it.md](../../includes/cloud-shell-try-it.md)] ## Log in to Azure Log in to your Azure subscription with the [az login](/cli/azure/#login) command and follow the on-screen directions. -```azurecli +```azure-cli az login ``` ## Define variables Define variables for use in the scripts in this quick start. -```azurecli +```azure-cli # The data center and resource name for your resources export resourcegroupname = myResourceGroup export location = westeurope @@ -59,14 +61,14 @@ export databasename = mySampleDatabase Create an [Azure resource group](../azure-resource-manager/resource-group-overview.md) using the [az group create](/cli/azure/group#create) command. A resource group is a logical container into which Azure resources are deployed and managed as a group. The following example creates a resource group named `myResourceGroup` in the `westeurope` location. -```azurecli +```azurazure-cliecli az group create --name $resourcegroupname --location $location ``` ## Create a logical server Create an [Azure SQL Database logical server](sql-database-features.md) using the [az sql server create](/cli/azure/sql/server#create) command. A logical server contains a group of databases managed as a group. The following example creates a randomly named server in your resource group with an admin login named `ServerAdmin` and a password of `ChangeYourAdminPassword1`. Replace these pre-defined values as desired. -```azurecli +```azure-cli az sql server create --name $servername --resource-group $resourcegroupname --location $location \ --admin-user $adminlogin --admin-password $password ``` @@ -75,7 +77,7 @@ az sql server create --name $servername --resource-group $resourcegroupname --lo Create an [Azure SQL Database server-level firewall rule](sql-database-firewall-configure.md) using the [az sql server firewall create](/cli/azure/sql/server/firewall-rule#create) command. A server-level firewall rule allows an external application, such as SQL Server Management Studio or the SQLCMD utility to connect to a SQL database through the SQL Database service firewall. In the following example, the firewall is only opened for other Azure resources. To enable external connectivity, change the IP address to an appropriate address for your environment. To open all IP addresses, use 0.0.0.0 as the starting IP address and 255.255.255.255 as the ending address. -```azurecli +```azure-cli az sql server firewall-rule create --resource-group $resourcegroupname --server $servername \ -n AllowYourIp --start-ip-address $startip --end-ip-address $endip ``` @@ -88,7 +90,7 @@ az sql server firewall-rule create --resource-group $resourcegroupname --server Create a database with an [S0 performance level](sql-database-service-tiers.md) in the server using the [az sql db create](/cli/azure/sql/db#create) command. The following example creates a database called `mySampleDatabase` and loads the AdventureWorksLT sample data into this database. Replace these predefined values as desired (other quick starts in this collection build upon the values in this quick start). -```azurecli +```azure-cli az sql db create --resource-group $resourcegroupname --server $servername \ --name $databasename --sample-name AdventureWorksLT --service-objective S0 ```"
},
{
sha: "c8c900fea1fc96b9ff18bb430ca87800663e4fa4",
filename: "articles/sql-database/sql-database-get-started-portal.md",
status: "modified",
additions: 30,
deletions: 17,
changes: 47,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-get-started-portal.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-get-started-portal.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/sql-database-get-started-portal.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -15,7 +15,7 @@ ms.workload: data-management ms.tgt_pltfrm: portal ms.devlang: na ms.topic: hero-article -ms.date: 05/03/2017 +ms.date: 05/24/2017 ms.author: carlrab --- @@ -39,38 +39,51 @@ Follow these steps to create a SQL database containing the Adventure Works LT sa 2. Select **Databases** from the **New** page, and select **SQL Database** from the **Databases** page. - ![create database-1](./media/sql-database-get-started-portal/create-database-1.png) + ![create database-1](./media/sql-database-get-started-portal/create-database-1.png) -3. Fill out the SQL Database form with the following information, as shown on the preceding image: - - Database name: **mySampleDatabase** - - Resource group: **myResourceGroup** - - Source source: **Sample (AdventureWorksLT)** +3. Fill out the SQL Database form with the following information, as shown on the preceding image: + + | Setting       | Suggested value | Description | + | ------------ | ------------------ | ------------------------------------------------- | + | **Database name** | mySampleDatabase | For valid database names, see [Database Identifiers](https://docs.microsoft.com/en-us/sql/relational-databases/databases/database-identifiers). | + | **Subscription** | Your subscription | For details about your subscriptions, see [Subscriptions](https://account.windowsazure.com/Subscriptions). | + | **Resource group** | myResourceGroup | For valid resource group names, see [Naming rules and restrictions](https://docs.microsoft.com/azure/architecture/best-practices/naming-conventions). | + | **Source source** | Sample (AdventureWorksLT) | Loads the AdventureWorksLT schema and data into your new database | > [!IMPORTANT] > You must select the sample database on this form because it is used in the remainder of this quick start. > -4. Click **Server** and then fill out the **New server form** specifying a globally unique server name, provide a name for the server admin login, and then specify the password of your choice. +4. Fill out the SQL server (logical server) form with the following information, as shown on the preceding image: + + | Setting       | Suggested value | Description | + | ------------ | ------------------ | ------------------------------------------------- | + | **Server name** | Any globally unique name | For valid server names, see [Naming rules and restrictions](https://docs.microsoft.com/azure/architecture/best-practices/naming-conventions). | + | **Server admin login** | Any valid name | For valid login names, see [Database Identifiers](https://docs.microsoft.com/en-us/sql/relational-databases/databases/database-identifiers). | + | **Password** | Any valid password | Your password must have at least 8 characters and must contain characters from three of the following categories: upper case characters, lower case characters, numbers, and and non-alphanumeric characters. | + | **Subscription** | Your subscription | For details about your subscriptions, see [Subscriptions](https://account.windowsazure.com/Subscriptions). | + | **Resource group** | myResourceGroup | For valid resource group names, see [Naming rules and restrictions](https://docs.microsoft.com/azure/architecture/best-practices/naming-conventions). | + | **Location** | Any valid location | For information about regions, see [Azure Regions](https://azure.microsoft.com/regions/). | > [!IMPORTANT] > The server admin login and password that you specify here are required to log in to the server and its databases later in this quick start. Remember or record this information for later use. > - ![create database-server](./media/sql-database-get-started-portal/create-database-server.png) + ![create database-server](./media/sql-database-get-started-portal/create-database-server.png) + 5. When you have completed the form, click **Select**. 6. Click **Pricing tier** to specify the service tier and performance level for your new database. Use the slider to select **20 DTUs** and **250** GB of storage. For more information on DTUs, see [What is a DTU?](sql-database-what-is-a-dtu.md). - ![create database-s1](./media/sql-database-get-started-portal/create-database-s1.png) + ![create database-s1](./media/sql-database-get-started-portal/create-database-s1.png) 7. After selected the amount of DTUs, click **Apply**. 8. Now that you have completed the SQL Database form, click **Create** to provision the database. Provisioning takes a few minutes. 9. On the toolbar, click **Notifications** to monitor the deployment process. - ![notification](./media/sql-database-get-started-portal/notification.png) - + ![notification](./media/sql-database-get-started-portal/notification.png) ## Create a server-level firewall rule @@ -86,18 +99,18 @@ The SQL Database service creates a firewall at the server-level that prevents ex > You will need this fully qualified server name to connect to your server and its databases in subsequent quick starts. > - ![server name](./media/sql-database-get-started-portal/server-name.png) + ![server name](./media/sql-database-get-started-portal/server-name.png) 2. Click **Set server firewall** on the toolbar as shown in the previous image. The **Firewall settings** page for the SQL Database server opens. - ![server firewall rule](./media/sql-database-get-started-portal/server-firewall-rule.png) + ![server firewall rule](./media/sql-database-get-started-portal/server-firewall-rule.png) 3. Click **Add client IP** on the toolbar to add your current IP address to a new firewall rule. A firewall rule can open port 1433 for a single IP address or a range of IP addresses. 4. Click **Save**. A server-level firewall rule is created for your current IP address opening port 1433 on the logical server. - ![set server firewall rule](./media/sql-database-get-started-portal/server-firewall-rule-set.png) + ![set server firewall rule](./media/sql-database-get-started-portal/server-firewall-rule-set.png) 4. Click **OK** and then close the **Firewall settings** page. @@ -112,13 +125,13 @@ Now that you have created a sample database in Azure, let’s use the built-in q 1. On the SQL Database page for your database, click **Tools** on the toolbar. The **Tools** page opens. - ![tools menu](./media/sql-database-get-started-portal/tools-menu.png) + ![tools menu](./media/sql-database-get-started-portal/tools-menu.png) 2. Click **Query editor (preview)**, click the **Preview terms** checkbox, and then click **OK**. The Query editor page opens. 3. Click **Login** and then, when prompted, select **SQL server authentication** and then provide the server admin login and password that you created earlier. - ![login](./media/sql-database-get-started-portal/login.png) + ![login](./media/sql-database-get-started-portal/login.png) 4. Click **OK** to log in. @@ -133,7 +146,7 @@ Now that you have created a sample database in Azure, let’s use the built-in q 6. Click **Run** and then review the query results in the **Results** pane. - ![query editor results](./media/sql-database-get-started-portal/query-editor-results.png) + ![query editor results](./media/sql-database-get-started-portal/query-editor-results.png) 7. Close the **Query editor** page and the **Tools** page. "
},
{
sha: "808c5d112f9d780a6dec05aeeaac0eea380400bb",
filename: "articles/sql-database/sql-database-get-started-powershell.md",
status: "modified",
additions: 5,
deletions: 4,
changes: 9,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-get-started-powershell.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-get-started-powershell.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/sql-database-get-started-powershell.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -23,10 +23,10 @@ ms.author: carlrab PowerShell is used to create and manage Azure resources from the command line or in scripts. This guide details using PowerShell to deploy an Azure SQL database in an [Azure resource group](../azure-resource-manager/resource-group-overview.md) in an [Azure SQL Database logical server](sql-database-features.md). -To complete this tutorial, make sure you have installed the latest [Azure PowerShell](/powershell/azure/overview). - If you don't have an Azure subscription, create a [free](https://azure.microsoft.com/free/) account before you begin. +This tutorial requires the Azure PowerShell module version 4.0 or later. Run ` Get-Module -ListAvailable AzureRM` to find the version. If you need to install or upgrade, see [Install Azure PowerShell module](/powershell/azure/install-azurerm-ps). + ## Log in to Azure Log in to your Azure subscription using the [Add-AzureRmAccount](/powershell/module/azurerm.profile/add-azurermaccount) command and follow the on-screen directions. @@ -88,14 +88,15 @@ New-AzureRmSqlServerFirewallRule -ResourceGroupName $resourcegroupname ` > SQL Database communicates over port 1433. If you are trying to connect from within a corporate network, outbound traffic over port 1433 may not be allowed by your network's firewall. If so, you will not be able to connect to your Azure SQL Database server unless your IT department opens port 1433. > -## Create a blank database +## Create a database in the server with sample data -Create a blank SQL database with an [S0 performance level](sql-database-service-tiers.md) in the server using the [New-AzureRmSqlDatabase](/powershell/module/azurerm.sql/new-azurermsqldatabase) command. The following example creates a database called `mySampleDatabase`. Replace this predefined value as desired. +Create a database with an [S0 performance level](sql-database-service-tiers.md) in the server using the [New-AzureRmSqlDatabase](/powershell/module/azurerm.sql/new-azurermsqldatabase) command. The following example creates a database called `mySampleDatabase` and loads the AdventureWorksLT sample data into this database. Replace these predefined values as desired (other quick starts in this collection build upon the values in this quick start). ```powershell New-AzureRmSqlDatabase -ResourceGroupName $resourcegroupname ` -ServerName $servername ` -DatabaseName $databasename ` + -SampleName "AdventureWorksLT" ` -RequestedServiceObjectiveName "S0" ``` "
},
{
sha: "9fc8040527c4c5650d286e3b59fd1866464d6502",
filename: "articles/sql-database/sql-database-migrate-your-sql-server-database.md",
status: "modified",
additions: 10,
deletions: 7,
changes: 17,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-migrate-your-sql-server-database.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-migrate-your-sql-server-database.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/sql-database-migrate-your-sql-server-database.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -118,13 +118,16 @@ An [Azure SQL Database logical server](sql-database-features.md) acts as a centr 4. Fill out the SQL server (logical server) form with the following information, as shown on the preceding image: - - Server name: Specify a globally unique server name - - Server admin login: Provide a name for the Server admin login - - Password: Specify the password of your choice - - Resource group: Select **Create new** and specify **myResourceGroup** - - Location: Select a data center location - - ![create logical server completed form](./media/sql-database-migrate-your-sql-server-database/logical-server-create-completed.png) + | Setting       | Suggested value | Description | + | ------------ | ------------------ | ------------------------------------------------- | + | **Server name** | Any globally unique name | For valid server names, see [Naming rules and restrictions](https://docs.microsoft.com/azure/architecture/best-practices/naming-conventions). | + | **Server admin login** | Any valid name | For valid login names, see [Database Identifiers](https://docs.microsoft.com/en-us/sql/relational-databases/databases/database-identifiers). | + | **Password** | Any valid password | Your password must have at least 8 characters and must contain characters from three of the following categories: upper case characters, lower case characters, numbers, and and non-alphanumeric characters. | + | **Subscription** | Your subscription | For details about your subscriptions, see [Subscriptions](https://account.windowsazure.com/Subscriptions). | + | **Resource group** | myResourceGroup | For valid resource group names, see [Naming rules and restrictions](https://docs.microsoft.com/azure/architecture/best-practices/naming-conventions). | + | **Location** | Any valid location | For information about regions, see [Azure Regions](https://azure.microsoft.com/regions/). | + + ![create logical server completed form](./media/sql-database-migrate-your-sql-server-database/logical-server-create-completed.png) 5. Click **Create** to provision the logical server. Provisioning takes a few minutes. "
},
{
sha: "997120c795a3d8ab889d3e1a583f415aeaccbd6b",
filename: "articles/sql-database/sql-database-saas-tutorial-adhoc-analytics.md",
status: "modified",
additions: 21,
deletions: 19,
changes: 40,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-saas-tutorial-adhoc-analytics.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/sql-database-saas-tutorial-adhoc-analytics.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/sql-database-saas-tutorial-adhoc-analytics.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -15,7 +15,7 @@ ms.workload: data-management ms.tgt_pltfrm: na ms.devlang: na ms.topic: hero-article -ms.date: 05/22/2017 +ms.date: 05/24/2017 ms.author: billgib; sstein --- @@ -26,12 +26,13 @@ In this tutorial, you create an ad-hoc analytics database and run several querie To run ad-hoc analytics queries (across multiple tenants), the Wingtip SaaS app uses [Elastic Query](sql-database-elastic-query-overview.md) along with an analytics database. -In this tutorial you learn how to: +In this tutorial you learn: > [!div class="checklist"] -> * Deploy an ad-hoc analytics database -> * Run distributed queries across all tenant databases +> * About the global views in each database that enable querying across tenants +> * How to deploy an ad-hoc analytics database +> * How to run distributed queries across all tenant databases @@ -52,23 +53,19 @@ Accessing this data in a single multi-tenant database is easy, but not so easy w The Wingtip SaaS scripts and application source code are available in the [WingtipSaaS](https://github.com/Microsoft/WingtipSaaS) github repo. [Steps to download the Wingtip SaaS scripts](sql-database-wtp-overview.md#download-the-wingtip-saas-scripts). -## Explore the global views in the tenant databases +## Explore the global views -The Wingtip SaaS application is built using a tenant-per-database model, so the tenant database schema is defined from a single-tenant perspective. Tenant-specific information exists in one table, *Venue*, which always has a single row, and is furthermore designed as a heap, without a primary key. Other tables in the schema don't need to be related to the *Venue* table, because in normal use, there is never any doubt which tenant the data belongs to. However, when querying across all databases, correlating data from tables in the database to a specific tenant becomes significant. To simplify this, a set of views are added to the tenant database that provide a 'global' view of each tenant. These global views project a tenant id into each table that will be queried over globally. This makes it easy to identify data from each tenant. As a convenience, these views have been pre-created in all tenant databases (as well as the golden db, so these views are available as new tenants are provisioned). +The Wingtip SaaS application is built using a tenant-per-database model, so the tenant database schema is defined from a single-tenant perspective. Tenant-specific information exists in one table, *Venue*, which always has a single row, and is furthermore designed as a heap, without a primary key. Other tables in the schema don't need to be related to the *Venue* table, because in normal use, there is never any doubt which tenant the data belongs to. However, when querying across all databases, correlating data from tables in the database to a specific tenant becomes significant. To simplify this, a set of views are added to the tenant database that provide a 'global' view of each tenant. These global views project a tenant id into each table that will be queried over globally. This makes it easy to identify data from each tenant. As a convenience, these views have been pre-created in all tenant databases (as well as the golden db, so these global views are available as new tenants are provisioned). 1. Open SSMS and [connect to the tenants1-&lt;USER&gt; server](sql-database-wtp-overview.md#explore-database-schema-and-execute-sql-queries-using-ssms). 1. Expand **Databases**, right-click **contosoconcerthall**, and select **New Query**. -1. Run the following queries to explore the global views: +1. Run the following queries to explore the difference between the single-tenant tables and the global views: ```T-SQL -- This is the base Venue table, that has no VenueId associated. SELECT * FROM Venue -- Notice the plural name 'Venues'. This view projects a VenueId column. - -- In the sample database we calculated an integer id from a hash of the Venue name, - -- but any approach could be used to introduce a unique value. - -- This is similar to how we create the tenant key in the catalog, - -- but there is no requirement that the catalog key and this id be the same. SELECT * FROM Venues -- The base Events table which has no VenueId column. @@ -78,7 +75,9 @@ The Wingtip SaaS application is built using a tenant-per-database model, so the SELECT * FROM VenueEvents ``` -To examine a View and see how it's created: +In the sample database we calculated an integer id from a hash of the Venue name, but any approach could be used to introduce a unique value. This is similar to how we create the tenant key in the catalog, but there is no requirement that the catalog key and tenant id in the *adhocanalytics* database be the same. + +To examine a *View* and see how it's created: 1. In **Object Explorer**, expand **contosoconcethall** > **Views**: @@ -93,26 +92,29 @@ Do this for any *View* to examine how it's created. This exercise deploys the *adhocanalytics* database. This database contains the schema used for querying across all tenant databases. The database is deployed to the existing catalog server, which is the server that contains all management-related databases. -1. Open ...\\Learning Modules\\Operational Analytics\\Adhoc Analytics\\*Demo-AdhocAnalytics.ps1* in the *PowerShell ISE* and set the following values: - * **$DemoScenario** = 2, **Deploy Ad-hoc analytics database**. - -1. Scroll down in the script to the SQL script containing the schema for the database. Review the script and note the following: +1. Open ...\\Learning Modules\\Operational Analytics\\Adhoc Analytics\\*Deploy-AdhocAnalyticsDB.ps1* +1. Scroll down to the section assigining `$commandText` to the SQL script. Review the script and note the following: 1. Elastic Query uses a database-scoped credential to access each of the tenant databases. This credential needs to be available in all the databases and should normally be granted the minimum rights required to enable these ad-hoc queries. 1. The external data source, that is defined to use the tenant shard map in the catalog database. By using this as the external data source, queries will be distributed to all databases registered in the catalog at the point the query is issued. 1. The external tables that reference the global Views described in the previous section. 1. The local table *VenueTypes* that is created and populated. As this reference data table is common in all tenant databases, it can be represented here as a local table, which for some queries may reduce the amount of data moved between the tenant databases and the *adhocanalytics* database. + +1. Now open ...\\Learning Modules\\Operational Analytics\\Adhoc Analytics\\*Demo-AdhocAnalytics.ps1* in the *PowerShell ISE* and set the following values: + * **$DemoScenario** = 2, **Deploy Ad-hoc analytics database**. + 1. Press **F5** to run the script and create the *adhocanalytics* database. It's ok to ignore warnings here about *The RPC server is unavailable*. - You now have an *adhocanalytics* database, that can be used to run distributed queries, and gather insights across all tenants! +![adhocanalytics database](media/sql-database-saas-tutorial-adhoc-analytics/adhocanalytics.png) + ## Run Ad-hoc analytics queries -This exercise runs ad-hoc analytics queries to uncover tenant insights from the WTP application. +Now that the *adhocanalytics* database is set up, run some ad-hoc queries: 1. Open ...\\Learning Modules\\Operational Analytics\\Adhoc Analytics\\*Demo-AdhocAnalyticsQueries.sql* in SSMS. 1. Ensure you are connected to the **adhocanalytics** database @@ -136,5 +138,5 @@ Now try the [Tenant Analytics tutorial](sql-database-saas-tutorial-tenant-analyt ## Additional resources -* [Additional tutorials that build upon the initial Wingtip SaaS application deployment](sql-database-wtp-overview.md#sql-database-wingtip-saas-tutorials) +* Additional [tutorials that build upon the Wingtip SaaS application](sql-database-wtp-overview.md#sql-database-wingtip-saas-tutorials) * [Elastic Query](sql-database-elastic-query-overview.md)"
},
{
sha: "7ffb2b94949749a11fbf229911941068538c46bd",
filename: "articles/sql-database/toc.yml",
status: "modified",
additions: 1,
deletions: 3,
changes: 4,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/toc.yml",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/sql-database/toc.yml",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/sql-database/toc.yml?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -13,14 +13,12 @@ href: sql-database-get-started-cli.md - name: Create DB - PowerShell href: sql-database-get-started-powershell.md - - name: Manage + - name: Connect and query items: - name: SSMS href: sql-database-connect-query-ssms.md - name: VS Code href: sql-database-connect-query-vscode.md - - name: Connect - items: - name: .NET href: sql-database-connect-query-dotnet.md - name: PHP"
},
{
sha: "3572bb6e75e8bb23c9cf0416e3882a59274c97df",
filename: "articles/virtual-machines/linux/convert-unmanaged-to-managed-disks.md",
status: "modified",
additions: 0,
deletions: 3,
changes: 3,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/virtual-machines/linux/convert-unmanaged-to-managed-disks.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/virtual-machines/linux/convert-unmanaged-to-managed-disks.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/virtual-machines/linux/convert-unmanaged-to-managed-disks.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -34,9 +34,6 @@ You cannot convert an unmanaged disk into a managed disk if the unmanaged disk i ## Convert VM to Azure Managed Disks This section covers how to convert your existing Azure VMs from unmanaged disks to managed disks. You can use this process to convert from Premium (SSD) unmanaged disks to Premium managed disks, or from standard (HDD) unmanaged disks to standard managed disks. -> [!IMPORTANT] -> After performing the following procedure, there is a single block blob that remains in the default vhds container. The name of the file is “VMName.xxxxxxx.status”. Do not delete this remaining status object. Future work should address this issue. - 1. Deallocate the VM with [az vm deallocate](/cli/azure/vm#deallocate). The following example deallocates the VM named `myVM` in the resource group named `myResourceGroup`: ```azurecli "
},
{
sha: "c476121787846681dd5de576abf14b562f01499e",
filename: "articles/virtual-machines/windows/attach-disk-portal.md",
status: "modified",
additions: 4,
deletions: 1,
changes: 5,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/virtual-machines/windows/attach-disk-portal.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/virtual-machines/windows/attach-disk-portal.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/virtual-machines/windows/attach-disk-portal.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -90,13 +90,16 @@ If the command returns 0, TRIM is enabled correctly. If it returns 1, run the fo ``` fsutil behavior set DisableDeleteNotify 0 ``` - + After deleting data from your disk, you can ensure the TRIM operations flush properly by running defrag with TRIM: ``` defrag.exe <volume:> -l ``` +You can also ensure the entire volume is trimmed by formatting the volume. + + ## Next steps If you application needs to use the D: drive to store data, you can [change the drive letter of the Windows temporary disk](change-drive-letter.md?toc=%2fazure%2fvirtual-machines%2fwindows%2fclassic%2ftoc.json). "
},
{
sha: "670f26f36712a3b1384044e95e3faade1ed12679",
filename: "articles/virtual-machines/windows/attach-managed-disk-portal.md",
status: "modified",
additions: 23,
deletions: 0,
changes: 23,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/virtual-machines/windows/attach-managed-disk-portal.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/articles/virtual-machines/windows/attach-managed-disk-portal.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/articles/virtual-machines/windows/attach-managed-disk-portal.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -54,5 +54,28 @@ You can also [attach a data disk using Powershell](attach-disk-ps.md). 9. You will get a warning that formatting the disks will erase all of the data, click **OK**. 10. When the format is complete, click **OK**. +## Use TRIM with standard storage + +If you use standard storage (HDD), you should enable TRIM. TRIM discards unused blocks on the disk so you are only billed for storage that you are actually using. This can save on costs if you create large files and then delete them. + +You can run this command to check the TRIM setting. Open a command prompt on your Windows VM and type: + +``` +fsutil behavior query DisableDeleteNotify +``` + +If the command returns 0, TRIM is enabled correctly. If it returns 1, run the following command to enable TRIM: +``` +fsutil behavior set DisableDeleteNotify 0 +``` + +After deleting data from your disk, you can ensure the TRIM operations flush properly by running defrag with TRIM: + +``` +defrag.exe <volume:> -l +``` + +You can also ensure the entire volume is trimmed by formatting the volume. + ## Next steps If you application needs to use the D: drive to store data, you can [change the drive letter of the Windows temporary disk](change-drive-letter.md?toc=%2fazure%2fvirtual-machines%2fwindows%2fclassic%2ftoc.json)."
},
{
sha: "180602dc845ad8b5059d82d195a007f54d0311de",
filename: "includes/sample-powershell-install-no-ssh.md",
status: "modified",
additions: 3,
deletions: 1,
changes: 4,
blob_url: "https://github.com/Microsoft/azure-docs/blob/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/includes/sample-powershell-install-no-ssh.md",
raw_url: "https://github.com/Microsoft/azure-docs/raw/c8afc1dc9d48c793fd531917fea7b27cde7b14b7/includes/sample-powershell-install-no-ssh.md",
contents_url: "https://api.github.com/repos/Microsoft/azure-docs/contents/includes/sample-powershell-install-no-ssh.md?ref=c8afc1dc9d48c793fd531917fea7b27cde7b14b7",
patch: "@@ -1 +1,3 @@ -If needed, install the Azure PowerShell using the instruction found in the [Azure PowerShell guide](https://docs.microsoft.com/powershell/azureps-cmdlets-docs/), and then run `Login-AzureRmAccount` to create a connection with Azure. +This sample requires the Azure PowerShell module version 4.0 or later. Run ` Get-Module -ListAvailable AzureRM` to find the version. If you need to install or upgrade, see [Install Azure PowerShell module](/powershell/azure/install-azurerm-ps). + +Run `Login-AzureRmAccount` to create a connection with Azure. "
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment