⭐ Repository → 📁 Compliance Engine → 📁 CloudAware → 📁 Azure → 📁 SQL Managed Instance

🛡️ Azure SQL Managed Instance is located in a less cost-effective region🟢

• Contextual name: 🛡️ Managed Instance is located in a less cost-effective region🟢
• ID: /ce/ca/azure/sql-managed-instance/instance-cost-effective-region
• Tags:
  • 🟢 Policy with categories
  • 🟢 Policy with type
  • 🟢 Production policy
• Policy Type: BEST_PRACTICE
• Policy Categories: COST

Logic

• 🧠 prod.logic.yaml🟢
  • 📗 Azure SQL Managed Instance
  • 🔌 Azure SQL Managed Instance - object.extracts.yaml
  • 🧪 test-data.json

Description

Open File

Description

This policy identifies Azure SQL Managed Instance that are provisioned in Azure regions known to have higher pricing compared to nearby alternatives.

Rationale

Selecting the appropriate Azure region is essential for optimizing both cost and performance. Service pricing can vary across regions due to factors such as infrastructure expenses, energy costs, and local taxes. Deploying workloads in cost-efficient regions can result in substantial savings on monthly Azure expenditures.

Impact

Migrating workloads to different regions requires careful planning to avoid service disruptions and to ensure latency, compliance, and data sovereignty requirements continue to be met.

Audit

This policy flagged an Azure SQL Managed Instance as INCOMPLIANT if it is running in one of the following regions identified as less cost-efficient:

Region	Recommended Alternative
westus, westcentralus	westus3, westus2

... see more

Remediation

Open File

Remediation

Move Azure SQL Managed Instance Resources to a New Region with Replication Process

Workflow Summary

1. Create a target SQL Managed Instance of the same size in the destination region.
2. Configure the network settings for the target instance.
3. Set up the master database on the target instance with the necessary logins.
4. Ensure that any customer-managed keys (BYOK) used for Transparent Data Encryption (TDE) are available in the target region.
5. Move any audit logs and configure auditing on the target instance.
6. Set up a failover group between the source and target instances to initiate database replication.
7. Monitor the replication process to ensure all databases are synchronized.
8. Perform a manual failover to the target instance to complete the migration.
9. Remove the resources from the source region.

1. Create Target SQL Managed Instance

• Provision a new SQL Managed Instance in the destination region with the same specifications as the source instance.
• Ensure that the target instance is in the same virtual network or peered network as the source instance.

... see more

policy.yaml

Open File

Linked Framework Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 Cloudaware Framework → 💼 Resource Optimization			23		no data