[Server Name] Reference
This template provides an outline and example content to help ensure the relevant details are captured for a database server hosted in Azure. Please remove example content and subsections that do not apply to the specific instance.
General Information
- Server Name:
my-sqlserver-name.database.windows.net - Resource Group:
rg-data-prod - Subscription:
Production Subscription - Region:
Central US - Environment:
Production / Staging / Development - Deployment Date:
YYYY-MM-DD - Owner:
Jane Doe (Data Platform Team)
Purpose and Description
- Purpose of this SQL Server:
- e.g., "Hosts operational databases for enterprise applications X and Y."
Application/Service Dependencies
- App 1 - Description
- App 2 - Description
Databases Hosted on this Server
| Database Name | Purpose | Impact | Sensitivity |
|---|---|---|---|
AppMainDB |
Main application DB | General | PII |
TelemetryArchiveDB |
IoT data archive | Critical | Non-PHI |
ReportingDB |
Power BI reporting warehouse | Low | Sensitive |
Networking and Connectivity
-
Firewall Rules:
- Allow Azure services:
Enabled / Disabled - Public IPs Allowed:
Rule Name Start IP End IP Description office40.112.65.10040.112.65.100Office network vpn10.0.0.010.0.0.255On-premises VPN tunnel
- Allow Azure services:
-
Private Endpoint:
Enabled / Disabled- Private Link Resource:
sqlserver-name.privatelink.database.windows.net - VNet/Subnet:
vnet-data-prod/subnet-db-private
-
DNS Zone Integration:
- Private DNS Zone:
privatelink.database.windows.net
- Private DNS Zone:
Authentication and Access
- Authentication Mode:
SQL / Azure AD / Mixed - Active Directory Admin:
sqladmin@domain.com - SQL Admin Login:
sqladmin - Key Vault: [Key vault name](portal link)
Access Control Policies
- Roles assigned to users and groups
- RBAC assignments for key vault access if using CMK
Security Configuration
Encryption
Auditing
- Auditing Enabled:
Yes - Destination:
Log Analytics Workspace / Storage Account - Retention:
90 Days
Advanced Threat Protection
- Status:
Enabled - Alerts configured:
Email to security@domain.com
Data Masking
- Dynamic data masking rules configured:
Yes / No
Performance and Sizing
-
Tier:
General Purpose / Business Critical -
vCores:
4 / 8 / 16 -
Storage Size (per DB):
e.g. 100 GB -
I/O Throughput Tier:
Standard / Premium -
Query Store:
Enabled -
Index Management Strategy:
Manual / Automated
Backup and Restore
- Automated Backups:
Enabled- Retention:
7 / 14 / 35 days
- Retention:
- Long-Term Retention (LTR):
- Configured for DB:
Yes / No - Retention Duration:
1 year
- Configured for DB:
- Geo-Backup:
Enabled - Restore Tested:
Yes – last tested on YYYY-MM-DD
Monitoring and Alerting
Monitoring Tools/Process
- Azure Monitor / Log Analytics / SQL Insights
- Diagnostic Settings:
Enabled
Alerts Configured
| Alert Name | Metric | Threshold | Action Group |
|---|---|---|---|
| High CPU | CPU > 85% | 15 mins | dba-alerts@domain.com |
| Blocked Processes | Block count >5 | 10 mins | slack-dba, pagerduty |
Maintenance Procedures
-
Patch Management:
- Maintenance window:
Configured / Default
- Maintenance window:
-
Index Optimization:
- Schedule:
Weekly on Sunday at 3 AM - Script Location:
scripts/optimize_indexes.sql
- Schedule:
-
Statistics Update:
Auto Update Stats: Enabled
Disaster Recovery
- DR Playbook Location:
[Link to SOP or internal docs]
Change Management
Schema Deployment Process
- Git-based, CI/CD with Azure DevOps pipelines
- Approval process:
Change board / Team lead - Link to guide
Rollback Process
- Point-in-time restore
- Schema version tagging
- Link to guide
Known Issues
- e.g., "Intermittent deadlocks on ReportingDB during ETL window"
- e.g., "Connection pool saturation under BI load"
Contact and Support
-
Name (Email)
-
Additional Support:
Microsoft Unified Support
SLA Tier: Premium