共用方式為


快速入門:使用ARM範本建立 Azure SQL 受控實例

本快速入門指南著重於如何使用 Azure Resource Manager 範本 (ARM 範本) 來佈署 Azure SQL 受控實例和 vNet 的流程。 Azure SQL 受控實例 是智慧型手機、完全受控、可調整的雲端資料庫,與 SQL Server 資料庫引擎幾乎 100 個% 功能同位。

ARM 樣本 是 JavaScript 物件表示法 (JSON) 檔案,可定義專案的基礎結構和組態。 範本使用宣告式語法。 在宣告式語法中,您可以在不撰寫程式設計命令順序的情況下,描述您想要的部署。

如果您的環境符合必要條件,且您已熟悉使用 ARM 範本,請選取 部署至 Azure 按鈕。 範本會在 Azure 入口網站中開啟。

部署至 Azure

先決條件

  • Azure 訂用帳戶。 如果您沒有 Azure 訂用帳戶,建立免費帳戶
  • 在一般情況下,您的用戶必須具有在訂閱範圍內指派的 SQL 受控實例參與者 角色。
  • 如果在已經委派給 Azure SQL 受控實例的子網中進行佈建,您的使用者只需要在訂用帳戶範圍內被指派 Microsoft.Sql/managedInstances/write 許可權。

檢閱範本

本快速入門中使用的範本來自 Azure 快速入門範本

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "metadata": {
    "_generator": {
      "name": "bicep",
      "version": "0.17.1.54307",
      "templateHash": "2861010078937229146"
    }
  },
  "parameters": {
    "managedInstanceName": {
      "type": "string",
      "metadata": {
        "description": "Enter managed instance name."
      }
    },
    "administratorLogin": {
      "type": "string",
      "metadata": {
        "description": "Enter user name."
      }
    },
    "administratorLoginPassword": {
      "type": "securestring",
      "metadata": {
        "description": "Enter password."
      }
    },
    "location": {
      "type": "string",
      "defaultValue": "[resourceGroup().location]",
      "metadata": {
        "description": "Enter location. If you leave this field blank resource group location would be used."
      }
    },
    "virtualNetworkName": {
      "type": "string",
      "defaultValue": "SQLMI-VNET",
      "metadata": {
        "description": "Enter virtual network name. If you leave this field blank name will be created by the template."
      }
    },
    "addressPrefix": {
      "type": "string",
      "defaultValue": "10.0.0.0/16",
      "metadata": {
        "description": "Enter virtual network address prefix."
      }
    },
    "subnetName": {
      "type": "string",
      "defaultValue": "ManagedInstance",
      "metadata": {
        "description": "Enter subnet name."
      }
    },
    "subnetPrefix": {
      "type": "string",
      "defaultValue": "10.0.0.0/24",
      "metadata": {
        "description": "Enter subnet address prefix."
      }
    },
    "skuName": {
      "type": "string",
      "defaultValue": "GP_Gen5",
      "allowedValues": [
        "GP_Gen5",
        "BC_Gen5"
      ],
      "metadata": {
        "description": "Enter sku name."
      }
    },
    "vCores": {
      "type": "int",
      "defaultValue": 16,
      "allowedValues": [
        4,
        8,
        16,
        24,
        32,
        40,
        64,
        80
      ],
      "metadata": {
        "description": "Enter number of vCores."
      }
    },
    "storageSizeInGB": {
      "type": "int",
      "defaultValue": 256,
      "maxValue": 8192,
      "minValue": 32,
      "metadata": {
        "description": "Enter storage size."
      }
    },
    "licenseType": {
      "type": "string",
      "defaultValue": "LicenseIncluded",
      "allowedValues": [
        "BasePrice",
        "LicenseIncluded"
      ],
      "metadata": {
        "description": "Enter license type."
      }
    }
  },
  "variables": {
    "networkSecurityGroupName": "[format('SQLMI-{0}-NSG', parameters('managedInstanceName'))]",
    "routeTableName": "[format('SQLMI-{0}-Route-Table', parameters('managedInstanceName'))]"
  },
  "resources": [
    {
      "type": "Microsoft.Network/networkSecurityGroups",
      "apiVersion": "2021-08-01",
      "name": "[variables('networkSecurityGroupName')]",
      "location": "[parameters('location')]",
      "properties": {
        "securityRules": [
          {
            "name": "allow_tds_inbound",
            "properties": {
              "description": "Allow access to data",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "1433",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 1000,
              "direction": "Inbound"
            }
          },
          {
            "name": "allow_redirect_inbound",
            "properties": {
              "description": "Allow inbound redirect traffic to Managed Instance inside the virtual network",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "11000-11999",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 1100,
              "direction": "Inbound"
            }
          },
          {
            "name": "deny_all_inbound",
            "properties": {
              "description": "Deny all other inbound traffic",
              "protocol": "*",
              "sourcePortRange": "*",
              "destinationPortRange": "*",
              "sourceAddressPrefix": "*",
              "destinationAddressPrefix": "*",
              "access": "Deny",
              "priority": 4096,
              "direction": "Inbound"
            }
          },
          {
            "name": "deny_all_outbound",
            "properties": {
              "description": "Deny all other outbound traffic",
              "protocol": "*",
              "sourcePortRange": "*",
              "destinationPortRange": "*",
              "sourceAddressPrefix": "*",
              "destinationAddressPrefix": "*",
              "access": "Deny",
              "priority": 4096,
              "direction": "Outbound"
            }
          }
        ]
      }
    },
    {
      "type": "Microsoft.Network/routeTables",
      "apiVersion": "2021-08-01",
      "name": "[variables('routeTableName')]",
      "location": "[parameters('location')]",
      "properties": {
        "disableBgpRoutePropagation": false
      }
    },
    {
      "type": "Microsoft.Network/virtualNetworks",
      "apiVersion": "2021-08-01",
      "name": "[parameters('virtualNetworkName')]",
      "location": "[parameters('location')]",
      "properties": {
        "addressSpace": {
          "addressPrefixes": [
            "[parameters('addressPrefix')]"
          ]
        },
        "subnets": [
          {
            "name": "[parameters('subnetName')]",
            "properties": {
              "addressPrefix": "[parameters('subnetPrefix')]",
              "routeTable": {
                "id": "[resourceId('Microsoft.Network/routeTables', variables('routeTableName'))]"
              },
              "networkSecurityGroup": {
                "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroupName'))]"
              },
              "delegations": [
                {
                  "name": "managedInstanceDelegation",
                  "properties": {
                    "serviceName": "Microsoft.Sql/managedInstances"
                  }
                }
              ]
            }
          }
        ]
      },
      "dependsOn": [
        "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroupName'))]",
        "[resourceId('Microsoft.Network/routeTables', variables('routeTableName'))]"
      ]
    },
    {
      "type": "Microsoft.Sql/managedInstances",
      "apiVersion": "2021-11-01-preview",
      "name": "[parameters('managedInstanceName')]",
      "location": "[parameters('location')]",
      "sku": {
        "name": "[parameters('skuName')]"
      },
      "identity": {
        "type": "SystemAssigned"
      },
      "properties": {
        "administratorLogin": "[parameters('administratorLogin')]",
        "administratorLoginPassword": "[parameters('administratorLoginPassword')]",
        "subnetId": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworkName'), parameters('subnetName'))]",
        "storageSizeInGB": "[parameters('storageSizeInGB')]",
        "vCores": "[parameters('vCores')]",
        "licenseType": "[parameters('licenseType')]"
      },
      "dependsOn": [
        "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworkName'))]"
      ]
    }
  ]
}

這些資源定義於樣本中:

您可以在 Azure 快速入門範本中找到更多範例。

部署範本

選取 [嘗試] 從下列 PowerShell 程式代碼區塊,以開啟 Azure Cloud Shell。

重要

部署受控實例是長時間執行的作業。 在子網中部署第一個執行個體通常需要比將其部署到已有受控執行個體的子網中花費更長的時間。 如需平均布建時間,請參閱 SQL 受控實例管理作業

$projectName = Read-Host -Prompt "Enter a project name that is used for generating resource names"
$location = Read-Host -Prompt "Enter the location (i.e. centralus)"
$templateUri = "https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.sql/sqlmi-new-vnet/azuredeploy.json"

$resourceGroupName = "${projectName}rg"

New-AzResourceGroup -Name $resourceGroupName -Location $location
New-AzResourceGroupDeployment -ResourceGroupName $resourceGroupName -TemplateUri $templateUri

Read-Host -Prompt "Press [ENTER] to continue ..."

檢閱已部署的資源

請流覽 Azure 入口網站,並確認受控實例位於您選取的資源群組中。 因為建立受管理的實例可能需要一些時間,因此您可能需要在資源群組的 [概觀] 頁面上查看 [部署] 連結。

  • 如需示範如何從 Azure 虛擬機連線到 SQL 受控實例的快速入門,請參閱 設定 Azure 虛擬機連線
  • 如需示範如何使用點對站連線從內部部署用戶端電腦連線到 SQL 受控實例的快速入門,請參閱 設定點對站連線

清除資源

如果您想要移至 後續步驟,請保留受控實例,但在完成任何其他教學課程之後刪除受控實例和相關資源。 刪除受控實例之後,請參閱 刪除受控實例之後刪除子網

若要刪除資源群組:

$resourceGroupName = Read-Host -Prompt "Enter the Resource Group name"
Remove-AzResourceGroup -Name $resourceGroupName

後續步驟