Vivek Kaushik
AboutBlogWorkMy Work Ethics

Azure SQL Database

Deployment & Ease of Use
Deploy via portal, CLI, or ARM; integrates with DevOps for schema deployment
Key Functions
Fully managed relational database with built-in AI performance tuning, scaling, & security
Pricing Basis
DTU or vCore based pricing
Scalability
Auto scaling with elastic pools, hyperscale options
Security & IAM
Advanced threat protection, auditing, RBAC

1. What is Azure SQL Database?

Azure SQL Database is a fully managed Platform as a Service (PaaS) relational database service built on Microsoft SQL Server technology, hosted on Azure cloud. It provides scalable, highly available, and secure database capabilities without requiring you to manage the underlying infrastructure.
  • Supports most SQL Server features and T-SQL syntax.
  • Eliminates need for manual patching, backups, monitoring, and infrastructure maintenance.
  • Offers built-in intelligence to optimize performance and security.

2. Core Architecture and Deployment Models

Layer
Description
Client Layer
Applications connect via standard SQL clients (SSMS, ODBC, ADO.NET, JDBC) using Tabular Data Stream (TDS) protocol.
Service Layer
Manages resource provisioning, security/authentication, connection routing, and billing.
Platform Layer
Hosts databases on a cluster of physical servers, managing storage replication and scaling.
Infrastructure Layer
Ensures hardware maintenance, patching, backups, and underlying OS management.
Deployment Options:
  • Single Database: Isolated, managed database with dedicated compute and storage resources.
  • Elastic Pool: A collection of databases sharing resources dynamically to optimize cost and performance.
  • Managed Instance: Provides near 100% compatibility with on-prem SQL Server with instance-level features and network isolation.

3. Key Features and Capabilities

  • Scalability: Elastic compute and storage scaling with minimal downtime.
  • High Availability: Built-in geo-replication, zone redundancy, and fault tolerance with automatic failover.
  • Security: Advanced threat protection, encryption at rest and in transit, firewall, and VNet integration.
  • Performance Optimization: Automatic tuning, intelligent query processing, in-memory technologies.
  • Backup and Restore: Automated full, differential, and transaction log backups with point-in-time restore.
  • Compatibility: Supports T-SQL, SQL Server tools, and cross-platform drivers.

4. Pricing Models and Service Tiers

Tier
Description
Use Cases
Basic
Entry-level, low-cost for small databases, limited performance.
Development, testing, small apps
Standard
Balanced compute and storage, suitable for most business workloads.
Medium workloads with predictable traffic
Premium / Business Critical
High performance, low latency, high availability with HA replicas.
IO-intensive, mission-critical apps
Hyperscale
Highly scalable storage and compute with rapid scale, up to 100 TB+.
Large databases, SaaS applications with massive scale
Serverless
Auto-pausing compute for intermittent, unpredictable workloads, billed per second.
Variable workloads, dev/test, bursty usage
Pricing is based on compute units (DTUs or vCores)storage size, and backup retention.

5. Development and Tooling

  • Supports all standard SQL Server development tools: SQL Server Management Studio (SSMS), Azure Data Studio, Visual Studio.
  • Compatible with .NET, Java, Python, PHP, Node.js via standard SQL drivers (ODBC, JDBC, ADO.NET).
  • Integration with Azure DevOps CI/CD pipelines for automated deployments (using DACPACs, ARM templates, or Terraform).
  • Supports dynamic scaling via REST APIs, Portal, CLI, or PowerShell.

Sample: Connecting and Querying using C# (ADO.NET)

using System;
using System.Data.SqlClient;

string connectionString = "Server=tcp:<your_server>.database.windows.net,1433;Initial Catalog=<your_db>;Persist Security Info=False;User ID=<user>;Password=<password>;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;";

using (SqlConnection conn = new SqlConnection(connectionString))
{
    conn.Open();
    SqlCommand cmd = new SqlCommand("SELECT TOP 10 * FROM dbo.MyTable", conn);
    SqlDataReader reader = cmd.ExecuteReader();
    while(reader.Read())
    {
        Console.WriteLine(reader[0].ToString());
    }
}

6. Configuration & Management

  • Manage server-level firewall to whitelist client IPs.
  • Configure Active Directory authentication for Azure AD users/groups.
  • Scale compute tier or storage size on demand through Portal/CLI/ARM.
  • Configure Advanced Data SecurityAuditing, and Threat Detection for compliance.
  • Manage backups, long-term retention policies, and geo-replication settings.

7. Security and Identity Management (IAM)

Security Aspect
Details
Authentication
Azure AD Authentication, SQL Authentication, Managed Identity for applications.
Authorization
Role-Based Access Control (RBAC) integrated with Azure AD.
Encryption
Transparent Data Encryption (TDE) for data at rest, Always Encrypted for sensitive data.
Network Security
Virtual Network Service Endpoints, Private Link (private IP), firewall rules.
Threat Protection
Advanced Threat Protection detects anomalous activities and vulnerabilities.
Auditing & Compliance
Built-in auditing and compliance certifications.

8. High Availability, Geo-Replication, and Disaster Recovery

  • Zone-redundant configurations spread replicas across availability zones.
  • Active Geo-Replication: Create up to 4 readable secondary replicas globally for read scaling and disaster recovery.
  • Auto-failover Groups: Coordinated failover of groups of databases across regions for high availability.
  • Automated backups enable point-in-time restore across retention period.

9. Monitoring & Performance

  • Integrates with Azure Monitor for metrics and alerts.
  • Provides Query Performance Insight, Intelligent Insights for workload optimization.
  • Diagnostic logs for auditing, query store for query analysis.
  • Support for Dynamic Management Views (DMVs) for performance troubleshooting.

10. Advanced Features and Integration

  • Intelligent Query Processing and Automatic Tuning: Adaptive joins, memory grants, and performance tuning.
  • Hyperscale Service Tier: Decouples compute and storage for rapid scale, supports large databases.
  • In-memory OLTP and Columnstore indexes for performance gains.
  • Integration with Azure Data FactoryPower BIAzure Synapse Analytics, and Machine Learning.
  • Supports Temporal Tables for auditing data changes.

11. Sample ARM Template Snippet for Azure SQL Database Deployment

{
  "type": "Microsoft.Sql/servers/databases",
  "apiVersion": "2021-05-01-preview",
  "name": "[concat(parameters('sqlServerName'), '/', parameters('databaseName'))]",
  "location": "[resourceGroup().location]",
  "properties": {
    "collation": "SQL_Latin1_General_CP1_CI_AS",
    "maxSizeBytes": "1073741824",
    "sampleName": "AdventureWorksLT"
  },
  "sku": {
    "name": "S0",
    "tier": "Standard",
    "capacity": 10
  }
}

12. Summary Table: Azure SQL Database Features

ServiceKey
Functions / Description
Pricing Basis
Scalability
Security & IAM
Deployment & Ease of Use
Azure SQL Database
Fully managed relational database service; PaaS with built-in HA, scaling, and intelligence
Pay per compute unit (DTU or vCore), storage, backup retention, and features
Auto-scale compute and storage (elastic pools/hyperscale); geo-replication for global scale
Azure AD, RBAC, Managed Identities, encryption, VNet/Private Link
Deploy via Portal, CLI, ARM, DevOps pipelines; supports SQL Server tools

FAQ

Q: What is Azure SQL Database and how does it differ from on-premises SQL Server?
A: Azure SQL Database is a fully managed Platform as a Service (PaaS) relational database built on SQL Server technology but deployed on Azure cloud. It eliminates infrastructure management like patching, backups, and high availability, offering built-in scalability, advanced security, and pay-as-you-go pricing. Unlike on-premises SQL Server, it abstracts server management and provides cloud-native features like geo-replication and automatic tuning.
Q: What are the deployment options available in Azure SQL Database?
A:
  • Single Database: Individual, isolated fully managed databases with dedicated compute and storage.
  • Elastic Pool: Multiple databases sharing a pool of resources to optimize cost and performance for variable usage scenarios.
  • Managed Instance: Near 100% compatibility with on-prem SQL Server, supports instance-level features, suitable for lift-and-shift migrations.
  • Hyperscale: Scalable storage and compute for very large databases (up to 100+ TB).
  • Serverless: Automatically scales compute and can pause during inactive periods to save costs.
Q: What is an Elastic Pool and when would you use it?
A: Elastic Pools allow you to allocate a shared set of resources to multiple databases. It is cost-effective when managing many databases with unpredictable or varying usage that can benefit from resource sharing and balancing.
Q: How do you scale Azure SQL Database?
A: You scale by adjusting the service tier or compute size (vCores or DTUs) via Azure Portal, CLI, or APIs. Hyperscale databases scale storage and compute independently. Serverless tiers scale compute dynamically based on workload.
Q: What are DTUs and vCores in Azure SQL Database?
A:
  • DTU (Database Transaction Unit): A blended measure of CPU, memory, reads, and writes that provides simple performance benchmarking.
  • vCore: Offers more transparent and flexible resource scaling by specifying virtual CPU cores and memory directly, allowing custom resource allocation and licensing models.
Q: How is high availability achieved in Azure SQL Database?
A: Azure SQL Database provides built-in high availability using fault-tolerant architecture with multiple replicas, automatic failover, and zone-redundancy. Features like Active Geo-Replication and Auto-Failover Groups enable cross-region availability and disaster recovery.

Intermediate Interview Questions and Answers

Q: What security features does Azure SQL Database offer?
A:
  • Authentication: Supports SQL authentication and Azure Active Directory (Azure AD) integrated authentication.
  • Authorization: Role-Based Access Control (RBAC) via Azure AD.
  • Encryption: Transparent Data Encryption (TDE) for data at rest, Always Encrypted for sensitive data, TLS for data in transit.
  • Advanced Threat Protection: Detects anomalous activities and vulnerabilities.
  • Firewall and Virtual Network integration: Controls access by IP and network isolation.
  • Data Masking & Auditing: To protect sensitive data and monitor access.
Q: What is Query Performance Insight?
A: A built-in tool that helps identify resource-intensive or slow-running queries, offering recommendations to optimize indexing and query plans to improve performance.
Q: How do you monitor Azure SQL Database?
A: Use Azure Monitor metrics, Query Performance Insight, Dynamic Management Views (DMVs), Azure SQL Analytics, and alerts to monitor metrics such as CPU usage, DTU consumption, IO statistics, deadlocks, and query wait times.
Q: What is Automatic Tuning in Azure SQL Database?
A: It enables the database to automatically apply tuning recommendations such as creation or dropping of indexes and plan corrections to improve query performance continuously.
Q: How does Azure SQL handle backups?
A: Automated backups happen continuously with full, differential, and transaction log backups, with retention based on configured policy (default 7-35 days). Point-in-time restore allows restoring a database to any time within the retention window.

Advanced and Tricky Interview Questions and Answers

Q: What is Hyperscale in Azure SQL Database and what benefits does it provide?
A: Hyperscale is a service tier designed for very large databases offering fast scaling of storage independent from compute, rapid database restore times, and the ability to scale out read-only replicas for analytics and reporting. It supports up to 100+ TB databases, enabling elastic compute and storage.
Q: Explain how Auto-Failover Groups work in Azure SQL Database.
A: Auto-Failover Groups manage failover of groups of databases across regions, enabling coordinated failover during region outages. They ensure minimal downtime and automatic application redirection with DNS updates.
Q: Describe how you would implement Always Encrypted and its advantages.
A: Always Encrypted protects sensitive data by encrypting data inside client applications and never revealing plaintext to the database engine. It maintains confidentiality, protecting data from unauthorized access including DBAs.
Q: What challenges would you face migrating an on-premises SQL Server database to Azure SQL Managed Instance?
A:
  • Compatibility issues with unsupported features or deprecated SQL Server components.
  • Differences in administrative access and custom configurations.
  • Network connectivity and latency.
  • Data migration volume and downtime concerns.
  • Adjusting security models to cloud environment.
Q: How can you optimize performance for Azure SQL Databases with high transaction workloads?
A: Use appropriate service tiers (Premium or Business Critical), index tuning, in-memory OLTP features, query optimizations, partitioning large tables, and leverage read-scale replicas for read-heavy workloads.
Q: How does Azure SQL Database ensure data durability and disaster recovery?
A: Uses multiple replicas within availability zones, geo-replicated readable secondary databases, backup retention, and supports manual or automatic failover to protect against failures.
Q: How do you secure connectivity to Azure SQL Database in private networks?
A: Using Virtual Network (VNet) service endpoints or Private Link (private endpoints), you can secure database access without exposing endpoints to the public internet.

Scenario-Based Interview Questions and Answers

Q: How would you design a globally distributed database application using Azure SQL Database?
A: Use Active Geo-Replication or Auto-Failover Groups to replicate databases across regions for read scalability and disaster recovery. Use read-scale replicas to serve global reads, combined with latency-based routing and caching.
Q: Describe a CI/CD strategy for deploying schema changes to Azure SQL Database
A: Use tools like Azure DevOps pipelines or GitHub Actions with DACPACs for schema deployments. Include database migration steps with transactional scripts, rollback plans, testing in staging slots or sandbox databases, and gradual rollout with monitoring.
Q: How do you implement auditing and compliance in Azure SQL Database?
A: Enable SQL Audit to capture database actions, log to Azure Monitor or storage, configure auditing policies to comply with regulations, and analyze audit logs for suspicious activities.
Q: How would you troubleshoot performance degradation in Azure SQL Database?
A: Use Query Performance Insight, Execution Plans, DMVs, Azure Monitor metrics, check for blocking, resource throttling, locking issues, missing indexes, and run performance tuning advisors.