Announcing the general availability (GA) of private endpoints for Azure SQL Managed Instance
In our earlier blog post titled Private endpoints for Azure SQL Managed Instance we announced the public preview of private endpoints for the managed PaaS database offering from the SQL Server family of products. Owing to the convenience, management and security benefits granted by private endpoints to the network and database administrators, private endpoints have been a hotly anticipated feature for Azure SQL Managed Instance.
Today we share the big news: private endpoints for Azure SQL Managed Instance are now generally available (GA) in public Azure regions!
With private endpoints in general availability, you can now rely on Azure network infrastructure to carry your SQL traffic to its destination Azure SQL Managed Instance with the following benefits:
- Connections to your managed instances traverse Azure’s backbone network.
- You authorize a private endpoint from a virtual network to a managed instance, not network-to-network.
- A private endpoint takes a single IP address from its “home” virtual network, meaning that you’re much less likely to exhaust your available IP address space.
- Private endpoint to a managed instance is one-way only (network to managed instance), meaning that a private endpoint is not a data exfiltration path.
- A private endpoint always has a static IP address.
To mark the occasion of becoming generally available, we’ll follow this announcement with a series of blog posts showcasing private endpoints in action. We’ll discuss some common scenarios that an Azure SQL Managed Instance database or network administrator may encounter and how those scenarios can be made more convenient, secure, or manageable with the help of private endpoints. Lastly, we’ll present you with some non-scenarios in which private endpoints aren’t the answer (and why).
So stay tuned until our next post, in which we’ll review some basic scenarios of private endpoints in action. We'll link those posts here as they become available:
- Scenarios with private endpoints
- Advanced scenarios with private endpoints
- Non-scenarios with private endpoints
Until then, here are some resources to get you started:
- Our earlier blog post on the general idea and purpose of private endpoints, Private endpoints for Azure SQL Managed Instance
- A five-minute video on Private Link and private endpoints (there’s lots more on SQL MI’s YouTube channel)
- Official documentation at Azure Private Link and private endpoints