Ensure that Microsoft Azure SQL database servers are using auto-failover groups in order to enable database replication and automatic failover. A Microsoft Azure SQL failover group is designed to automatically manage replication, connectivity, high availability and failover for a set of SQL databases.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for Azure
When auto-failover groups are used for your Azure SQL databases, any outage that impacts one or more SQL databases within the group results in an automatic failover. In addition, auto-failover groups provide read-write and read-only listener endpoints that remain unchanged during failovers. Whether you use manual or automatic failover activation, the failover process switches all secondary databases in the group to primary databases. After the failover is completed, the DNS record is automatically updated to redirect the endpoints to the new Azure region.
To determine if your Azure SQL database servers are configured to use auto-failover groups, perform the following actions:
Remediation / Resolution
To configure your Microsoft Azure SQL database servers to use auto-failover groups, perform the following actions:
- Azure Official Documentation
- Use auto-failover groups to enable transparent and coordinated failover of multiple databases
- Configure a failover group for Azure SQL Database
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
You are auditing:
Enable Auto-Failover Groups
Risk level: Medium