-
Notifications
You must be signed in to change notification settings - Fork 5.1k
/
FailoverGroups.json
633 lines (633 loc) · 105 KB
/
FailoverGroups.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
{
"swagger": "2.0",
"info": {
"version": "2020-11-01-preview",
"title": "SqlManagementClient",
"description": "The Azure SQL Database management API provides a RESTful set of web APIs that interact with Azure SQL Database services to manage your databases. The API enables users to create, retrieve, update, and delete databases, servers, and other entities."
},
"host": "management.azure.com",
"schemes": [
"https"
],
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"paths": {
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/failoverGroups/{failoverGroupName}": {
"get": {
"tags": [
"FailoverGroups"
],
"description": "Gets a failover group.",
"operationId": "FailoverGroups_Get",
"parameters": [
{
"$ref": "../../../common/v1/types.json#/parameters/ResourceGroupParameter"
},
{
"name": "serverName",
"in": "path",
"description": "The name of the server containing the failover group.",
"required": true,
"type": "string"
},
{
"name": "failoverGroupName",
"in": "path",
"description": "The name of the failover group.",
"required": true,
"type": "string"
},
{
"$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersionParameter"
}
],
"responses": {
"200": {
"description": "Successfully retrieved the specified failover group.",
"schema": {
"$ref": "#/definitions/FailoverGroup"
}
},
"default": {
"description": "*** Error Responses: ***\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidDatabases - The provided databases IDs are not properly constructed database resource IDs. For the example of proper formatting see https://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update failover group request body is empty or invalid. Please provide a valid value of this field. For examples of properly formatted requests see \r\nhttps://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidDatabaseServer - One or more of the provided databases do not exist on the primary server of the failover group. Please make sure that all the databases exist on the primary server.\n\n * 400 FailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner server for Failover Group is supported. Please modify your request accordingly. For examples of valid requests see https://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalid - The create or update failover group request body is empty or invalid.\n\n * 400 FailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 FailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint. Please remove it from request.\n\n * 400 FailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update failover group request body should not modify the read-only property '{0}'.\n\n * 400 FailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of failover group.\n\n * 400 FailoverGroupPartnerServerFromDifferentSubscription - Primary server and the partner servers of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 PartnerServerNotCompatible - The user is attempting to copy a database from a SAWA V1 server to a Sterling server or vice versa.\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 ResourcePoolNotFound - Specified elastic pool does not exist in the specified logical server.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in a Failover Group need to reside in different regions to provide isolation.\n\n * 400 FailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 FailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a Failover Group.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 DatabaseInFailoverGroupNotPrimary - GeoDR link for the database already exists, but its role is not 'Primary' or it is not continuous copy link.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 UnableToCreateFailoverGroupDueToTableAuditing - Failover Group cannot be created for server that has table auditing turned on.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 UnableToAddDbWithTableAuditingToFailoverGroup - Database with Table Auditing enabled will not be accessible through Failover Group endpoint.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 LimitOfFailoverGroupsPerServerExceeded - Creating new Failover Group will exceed the allowed number of Failover Groups per server.\n\n * 400 AzureKeyVaultMismatchError - Unexpected Key Vault region found in the http response.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 GeoReplicaLimitReached - The per-replica replication limit was reached.\n\n * 400 FailoverGroupWithVirtualNetworkRulesNotSupported - Failover Groups configured with an automatic failover policy are currently not supported on servers configured with virtual network firewall rules. Please configure the failover group with manual failover policy.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 401 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 401 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 401 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 401 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 401 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 FailoverGroupAlreadyExists - Failover group already exists on a given server. Please use different Failover Group name.\n\n * 409 FailoverGroupBusy - Failover Group is busy with another operation.\n\n * 409 DatabaseBelongsToOtherFailoverGroup - Database belongs to other Failover Group and cannot be consider a part of this one.\n\n * 409 DatabaseBeingAddedToFailoverGroup - The database is currently being added to Failover Group, customer needs to wait for this operation to finish to issue remove.\n\n * 409 DatabaseBeingRemovedFromFailoverGroup - The database is currently being removed from failover group, customer needs to wait for this operation to finish to issue add.\n\n * 409 FailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication seeding operation was performed on a database that is already in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout."
}
},
"x-ms-examples": {
"Get failover group": {
"$ref": "./examples/FailoverGroupGet.json"
}
}
},
"put": {
"tags": [
"FailoverGroups"
],
"description": "Creates or updates a failover group.",
"operationId": "FailoverGroups_CreateOrUpdate",
"parameters": [
{
"$ref": "../../../common/v1/types.json#/parameters/ResourceGroupParameter"
},
{
"name": "serverName",
"in": "path",
"description": "The name of the server containing the failover group.",
"required": true,
"type": "string"
},
{
"name": "failoverGroupName",
"in": "path",
"description": "The name of the failover group.",
"required": true,
"type": "string"
},
{
"name": "parameters",
"in": "body",
"description": "The failover group parameters.",
"required": true,
"schema": {
"$ref": "#/definitions/FailoverGroup"
}
},
{
"$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersionParameter"
}
],
"responses": {
"200": {
"description": "Successfully updated the failover group.",
"schema": {
"$ref": "#/definitions/FailoverGroup"
}
},
"default": {
"description": "*** Error Responses: ***\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidDatabases - The provided databases IDs are not properly constructed database resource IDs. For the example of proper formatting see https://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update failover group request body is empty or invalid. Please provide a valid value of this field. For examples of properly formatted requests see \r\nhttps://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidDatabaseServer - One or more of the provided databases do not exist on the primary server of the failover group. Please make sure that all the databases exist on the primary server.\n\n * 400 FailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner server for Failover Group is supported. Please modify your request accordingly. For examples of valid requests see https://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalid - The create or update failover group request body is empty or invalid.\n\n * 400 FailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 FailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint. Please remove it from request.\n\n * 400 FailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update failover group request body should not modify the read-only property '{0}'.\n\n * 400 FailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of failover group.\n\n * 400 FailoverGroupPartnerServerFromDifferentSubscription - Primary server and the partner servers of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 PartnerServerNotCompatible - The user is attempting to copy a database from a SAWA V1 server to a Sterling server or vice versa.\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 ResourcePoolNotFound - Specified elastic pool does not exist in the specified logical server.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in a Failover Group need to reside in different regions to provide isolation.\n\n * 400 FailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 FailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a Failover Group.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 DatabaseInFailoverGroupNotPrimary - GeoDR link for the database already exists, but its role is not 'Primary' or it is not continuous copy link.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 UnableToCreateFailoverGroupDueToTableAuditing - Failover Group cannot be created for server that has table auditing turned on.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 UnableToAddDbWithTableAuditingToFailoverGroup - Database with Table Auditing enabled will not be accessible through Failover Group endpoint.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 LimitOfFailoverGroupsPerServerExceeded - Creating new Failover Group will exceed the allowed number of Failover Groups per server.\n\n * 400 AzureKeyVaultMismatchError - Unexpected Key Vault region found in the http response.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 GeoReplicaLimitReached - The per-replica replication limit was reached.\n\n * 400 FailoverGroupWithVirtualNetworkRulesNotSupported - Failover Groups configured with an automatic failover policy are currently not supported on servers configured with virtual network firewall rules. Please configure the failover group with manual failover policy.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 FailoverGroupCreateOrUpdatePartiallySucceeded - Some databases could not be added or removed.\n\n * 401 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 401 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 401 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 401 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 401 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 FailoverGroupAlreadyExists - Failover group already exists on a given server. Please use different Failover Group name.\n\n * 409 FailoverGroupBusy - Failover Group is busy with another operation.\n\n * 409 DatabaseBelongsToOtherFailoverGroup - Database belongs to other Failover Group and cannot be consider a part of this one.\n\n * 409 DatabaseBeingAddedToFailoverGroup - The database is currently being added to Failover Group, customer needs to wait for this operation to finish to issue remove.\n\n * 409 DatabaseBeingRemovedFromFailoverGroup - The database is currently being removed from failover group, customer needs to wait for this operation to finish to issue add.\n\n * 409 FailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication seeding operation was performed on a database that is already in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 FailoverGroupUnableToPerformGroupOperationOnDatabases - The list of databases to add/remove to/from Failover Group contains errors that are preventing operation to complete.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout."
},
"202": {
"description": "Accepted"
},
"201": {
"description": "Successfully created the failover group.",
"schema": {
"$ref": "#/definitions/FailoverGroup"
}
}
},
"x-ms-long-running-operation": true,
"x-ms-examples": {
"Create failover group": {
"$ref": "./examples/FailoverGroupCreateOrUpdate.json"
}
}
},
"delete": {
"tags": [
"FailoverGroups"
],
"description": "Deletes a failover group.",
"operationId": "FailoverGroups_Delete",
"parameters": [
{
"$ref": "../../../common/v1/types.json#/parameters/ResourceGroupParameter"
},
{
"name": "serverName",
"in": "path",
"description": "The name of the server containing the failover group.",
"required": true,
"type": "string"
},
{
"name": "failoverGroupName",
"in": "path",
"description": "The name of the failover group.",
"required": true,
"type": "string"
},
{
"$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersionParameter"
}
],
"responses": {
"200": {
"description": "Successfully deleted the failover group."
},
"default": {
"description": "*** Error Responses: ***\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidDatabases - The provided databases IDs are not properly constructed database resource IDs. For the example of proper formatting see https://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update failover group request body is empty or invalid. Please provide a valid value of this field. For examples of properly formatted requests see \r\nhttps://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidDatabaseServer - One or more of the provided databases do not exist on the primary server of the failover group. Please make sure that all the databases exist on the primary server.\n\n * 400 FailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner server for Failover Group is supported. Please modify your request accordingly. For examples of valid requests see https://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalid - The create or update failover group request body is empty or invalid.\n\n * 400 FailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 FailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint. Please remove it from request.\n\n * 400 FailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update failover group request body should not modify the read-only property '{0}'.\n\n * 400 FailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of failover group.\n\n * 400 FailoverGroupPartnerServerFromDifferentSubscription - Primary server and the partner servers of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 PartnerServerNotCompatible - The user is attempting to copy a database from a SAWA V1 server to a Sterling server or vice versa.\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 ResourcePoolNotFound - Specified elastic pool does not exist in the specified logical server.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in a Failover Group need to reside in different regions to provide isolation.\n\n * 400 FailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 FailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a Failover Group.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 DatabaseInFailoverGroupNotPrimary - GeoDR link for the database already exists, but its role is not 'Primary' or it is not continuous copy link.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 UnableToCreateFailoverGroupDueToTableAuditing - Failover Group cannot be created for server that has table auditing turned on.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 UnableToAddDbWithTableAuditingToFailoverGroup - Database with Table Auditing enabled will not be accessible through Failover Group endpoint.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 LimitOfFailoverGroupsPerServerExceeded - Creating new Failover Group will exceed the allowed number of Failover Groups per server.\n\n * 400 AzureKeyVaultMismatchError - Unexpected Key Vault region found in the http response.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 GeoReplicaLimitReached - The per-replica replication limit was reached.\n\n * 400 FailoverGroupWithVirtualNetworkRulesNotSupported - Failover Groups configured with an automatic failover policy are currently not supported on servers configured with virtual network firewall rules. Please configure the failover group with manual failover policy.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 401 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 401 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 401 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 401 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 401 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 FailoverGroupAlreadyExists - Failover group already exists on a given server. Please use different Failover Group name.\n\n * 409 FailoverGroupBusy - Failover Group is busy with another operation.\n\n * 409 DatabaseBelongsToOtherFailoverGroup - Database belongs to other Failover Group and cannot be consider a part of this one.\n\n * 409 DatabaseBeingAddedToFailoverGroup - The database is currently being added to Failover Group, customer needs to wait for this operation to finish to issue remove.\n\n * 409 DatabaseBeingRemovedFromFailoverGroup - The database is currently being removed from failover group, customer needs to wait for this operation to finish to issue add.\n\n * 409 FailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication seeding operation was performed on a database that is already in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout."
},
"202": {
"description": "Accepted"
},
"204": {
"description": "The specified failover group does not exist."
}
},
"x-ms-long-running-operation": true,
"x-ms-examples": {
"Delete failover group": {
"$ref": "./examples/FailoverGroupDelete.json"
}
}
},
"patch": {
"tags": [
"FailoverGroups"
],
"description": "Updates a failover group.",
"operationId": "FailoverGroups_Update",
"parameters": [
{
"$ref": "../../../common/v1/types.json#/parameters/ResourceGroupParameter"
},
{
"name": "serverName",
"in": "path",
"description": "The name of the server containing the failover group.",
"required": true,
"type": "string"
},
{
"name": "failoverGroupName",
"in": "path",
"description": "The name of the failover group.",
"required": true,
"type": "string"
},
{
"name": "parameters",
"in": "body",
"description": "The failover group parameters.",
"required": true,
"schema": {
"$ref": "#/definitions/FailoverGroupUpdate"
}
},
{
"$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersionParameter"
}
],
"responses": {
"200": {
"description": "Successfully updated the failover group.",
"schema": {
"$ref": "#/definitions/FailoverGroup"
}
},
"default": {
"description": "*** Error Responses: ***\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidDatabases - The provided databases IDs are not properly constructed database resource IDs. For the example of proper formatting see https://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update failover group request body is empty or invalid. Please provide a valid value of this field. For examples of properly formatted requests see \r\nhttps://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidDatabaseServer - One or more of the provided databases do not exist on the primary server of the failover group. Please make sure that all the databases exist on the primary server.\n\n * 400 FailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner server for Failover Group is supported. Please modify your request accordingly. For examples of valid requests see https://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalid - The create or update failover group request body is empty or invalid.\n\n * 400 FailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 FailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint. Please remove it from request.\n\n * 400 FailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update failover group request body should not modify the read-only property '{0}'.\n\n * 400 FailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of failover group.\n\n * 400 FailoverGroupPartnerServerFromDifferentSubscription - Primary server and the partner servers of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 PartnerServerNotCompatible - The user is attempting to copy a database from a SAWA V1 server to a Sterling server or vice versa.\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 ResourcePoolNotFound - Specified elastic pool does not exist in the specified logical server.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in a Failover Group need to reside in different regions to provide isolation.\n\n * 400 FailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 FailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a Failover Group.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 DatabaseInFailoverGroupNotPrimary - GeoDR link for the database already exists, but its role is not 'Primary' or it is not continuous copy link.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 UnableToCreateFailoverGroupDueToTableAuditing - Failover Group cannot be created for server that has table auditing turned on.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 UnableToAddDbWithTableAuditingToFailoverGroup - Database with Table Auditing enabled will not be accessible through Failover Group endpoint.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 LimitOfFailoverGroupsPerServerExceeded - Creating new Failover Group will exceed the allowed number of Failover Groups per server.\n\n * 400 AzureKeyVaultMismatchError - Unexpected Key Vault region found in the http response.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 GeoReplicaLimitReached - The per-replica replication limit was reached.\n\n * 400 FailoverGroupWithVirtualNetworkRulesNotSupported - Failover Groups configured with an automatic failover policy are currently not supported on servers configured with virtual network firewall rules. Please configure the failover group with manual failover policy.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 FailoverGroupCreateOrUpdatePartiallySucceeded - Some databases could not be added or removed.\n\n * 401 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 401 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 401 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 401 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 401 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 FailoverGroupAlreadyExists - Failover group already exists on a given server. Please use different Failover Group name.\n\n * 409 FailoverGroupBusy - Failover Group is busy with another operation.\n\n * 409 DatabaseBelongsToOtherFailoverGroup - Database belongs to other Failover Group and cannot be consider a part of this one.\n\n * 409 DatabaseBeingAddedToFailoverGroup - The database is currently being added to Failover Group, customer needs to wait for this operation to finish to issue remove.\n\n * 409 DatabaseBeingRemovedFromFailoverGroup - The database is currently being removed from failover group, customer needs to wait for this operation to finish to issue add.\n\n * 409 FailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication seeding operation was performed on a database that is already in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 FailoverGroupUnableToPerformGroupOperationOnDatabases - The list of databases to add/remove to/from Failover Group contains errors that are preventing operation to complete.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout."
},
"202": {
"description": "Accepted"
}
},
"x-ms-long-running-operation": true,
"x-ms-examples": {
"Update failover group": {
"$ref": "./examples/FailoverGroupUpdate.json"
}
}
}
},
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/failoverGroups": {
"get": {
"tags": [
"FailoverGroups"
],
"description": "Lists the failover groups in a server.",
"operationId": "FailoverGroups_ListByServer",
"parameters": [
{
"$ref": "../../../common/v1/types.json#/parameters/ResourceGroupParameter"
},
{
"name": "serverName",
"in": "path",
"description": "The name of the server containing the failover group.",
"required": true,
"type": "string"
},
{
"$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersionParameter"
}
],
"responses": {
"200": {
"description": "Successfully retrieved the failover groups.",
"schema": {
"$ref": "#/definitions/FailoverGroupListResult"
}
},
"default": {
"description": "*** Error Responses: ***\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidDatabases - The provided databases IDs are not properly constructed database resource IDs. For the example of proper formatting see https://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update failover group request body is empty or invalid. Please provide a valid value of this field. For examples of properly formatted requests see \r\nhttps://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidDatabaseServer - One or more of the provided databases do not exist on the primary server of the failover group. Please make sure that all the databases exist on the primary server.\n\n * 400 FailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner server for Failover Group is supported. Please modify your request accordingly. For examples of valid requests see https://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalid - The create or update failover group request body is empty or invalid.\n\n * 400 FailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 FailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint. Please remove it from request.\n\n * 400 FailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update failover group request body should not modify the read-only property '{0}'.\n\n * 400 FailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of failover group.\n\n * 400 FailoverGroupPartnerServerFromDifferentSubscription - Primary server and the partner servers of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 PartnerServerNotCompatible - The user is attempting to copy a database from a SAWA V1 server to a Sterling server or vice versa.\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 ResourcePoolNotFound - Specified elastic pool does not exist in the specified logical server.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in a Failover Group need to reside in different regions to provide isolation.\n\n * 400 FailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 FailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a Failover Group.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 DatabaseInFailoverGroupNotPrimary - GeoDR link for the database already exists, but its role is not 'Primary' or it is not continuous copy link.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 UnableToCreateFailoverGroupDueToTableAuditing - Failover Group cannot be created for server that has table auditing turned on.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 UnableToAddDbWithTableAuditingToFailoverGroup - Database with Table Auditing enabled will not be accessible through Failover Group endpoint.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 LimitOfFailoverGroupsPerServerExceeded - Creating new Failover Group will exceed the allowed number of Failover Groups per server.\n\n * 400 AzureKeyVaultMismatchError - Unexpected Key Vault region found in the http response.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 GeoReplicaLimitReached - The per-replica replication limit was reached.\n\n * 400 FailoverGroupWithVirtualNetworkRulesNotSupported - Failover Groups configured with an automatic failover policy are currently not supported on servers configured with virtual network firewall rules. Please configure the failover group with manual failover policy.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 401 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 401 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 401 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 401 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 401 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 FailoverGroupAlreadyExists - Failover group already exists on a given server. Please use different Failover Group name.\n\n * 409 FailoverGroupBusy - Failover Group is busy with another operation.\n\n * 409 DatabaseBelongsToOtherFailoverGroup - Database belongs to other Failover Group and cannot be consider a part of this one.\n\n * 409 DatabaseBeingAddedToFailoverGroup - The database is currently being added to Failover Group, customer needs to wait for this operation to finish to issue remove.\n\n * 409 DatabaseBeingRemovedFromFailoverGroup - The database is currently being removed from failover group, customer needs to wait for this operation to finish to issue add.\n\n * 409 FailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication seeding operation was performed on a database that is already in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout."
}
},
"x-ms-pageable": {
"nextLinkName": "nextLink"
},
"x-ms-examples": {
"List failover group": {
"$ref": "./examples/FailoverGroupList.json"
}
}
}
},
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/failoverGroups/{failoverGroupName}/failover": {
"post": {
"tags": [
"FailoverGroups"
],
"description": "Fails over from the current primary server to this server.",
"operationId": "FailoverGroups_Failover",
"parameters": [
{
"$ref": "../../../common/v1/types.json#/parameters/ResourceGroupParameter"
},
{
"name": "serverName",
"in": "path",
"description": "The name of the server containing the failover group.",
"required": true,
"type": "string"
},
{
"name": "failoverGroupName",
"in": "path",
"description": "The name of the failover group.",
"required": true,
"type": "string"
},
{
"$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersionParameter"
}
],
"responses": {
"200": {
"description": "Successfully failed over.",
"schema": {
"$ref": "#/definitions/FailoverGroup"
}
},
"default": {
"description": "*** Error Responses: ***\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidDatabases - The provided databases IDs are not properly constructed database resource IDs. For the example of proper formatting see https://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update failover group request body is empty or invalid. Please provide a valid value of this field. For examples of properly formatted requests see \r\nhttps://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidDatabaseServer - One or more of the provided databases do not exist on the primary server of the failover group. Please make sure that all the databases exist on the primary server.\n\n * 400 FailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner server for Failover Group is supported. Please modify your request accordingly. For examples of valid requests see https://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalid - The create or update failover group request body is empty or invalid.\n\n * 400 FailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 FailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint. Please remove it from request.\n\n * 400 FailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update failover group request body should not modify the read-only property '{0}'.\n\n * 400 FailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of failover group.\n\n * 400 FailoverGroupPartnerServerFromDifferentSubscription - Primary server and the partner servers of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 PartnerServerNotCompatible - The user is attempting to copy a database from a SAWA V1 server to a Sterling server or vice versa.\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 ResourcePoolNotFound - Specified elastic pool does not exist in the specified logical server.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in a Failover Group need to reside in different regions to provide isolation.\n\n * 400 FailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 FailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a Failover Group.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 DatabaseInFailoverGroupNotPrimary - GeoDR link for the database already exists, but its role is not 'Primary' or it is not continuous copy link.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 UnableToCreateFailoverGroupDueToTableAuditing - Failover Group cannot be created for server that has table auditing turned on.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 UnableToAddDbWithTableAuditingToFailoverGroup - Database with Table Auditing enabled will not be accessible through Failover Group endpoint.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 LimitOfFailoverGroupsPerServerExceeded - Creating new Failover Group will exceed the allowed number of Failover Groups per server.\n\n * 400 AzureKeyVaultMismatchError - Unexpected Key Vault region found in the http response.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 GeoReplicaLimitReached - The per-replica replication limit was reached.\n\n * 400 FailoverGroupWithVirtualNetworkRulesNotSupported - Failover Groups configured with an automatic failover policy are currently not supported on servers configured with virtual network firewall rules. Please configure the failover group with manual failover policy.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 401 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 401 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 401 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 401 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 401 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 FailoverGroupAlreadyExists - Failover group already exists on a given server. Please use different Failover Group name.\n\n * 409 FailoverGroupBusy - Failover Group is busy with another operation.\n\n * 409 DatabaseBelongsToOtherFailoverGroup - Database belongs to other Failover Group and cannot be consider a part of this one.\n\n * 409 DatabaseBeingAddedToFailoverGroup - The database is currently being added to Failover Group, customer needs to wait for this operation to finish to issue remove.\n\n * 409 DatabaseBeingRemovedFromFailoverGroup - The database is currently being removed from failover group, customer needs to wait for this operation to finish to issue add.\n\n * 409 FailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication seeding operation was performed on a database that is already in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout."
},
"202": {
"description": "Accepted"
}
},
"x-ms-long-running-operation": true,
"x-ms-examples": {
"Planned failover of a failover group": {
"$ref": "./examples/FailoverGroupFailover.json"
}
}
}
},
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/failoverGroups/{failoverGroupName}/forceFailoverAllowDataLoss": {
"post": {
"tags": [
"FailoverGroups"
],
"description": "Fails over from the current primary server to this server. This operation might result in data loss.",
"operationId": "FailoverGroups_ForceFailoverAllowDataLoss",
"parameters": [
{
"$ref": "../../../common/v1/types.json#/parameters/ResourceGroupParameter"
},
{
"name": "serverName",
"in": "path",
"description": "The name of the server containing the failover group.",
"required": true,
"type": "string"
},
{
"name": "failoverGroupName",
"in": "path",
"description": "The name of the failover group.",
"required": true,
"type": "string"
},
{
"$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersionParameter"
}
],
"responses": {
"200": {
"description": "Successfully failed over.",
"schema": {
"$ref": "#/definitions/FailoverGroup"
}
},
"default": {
"description": "*** Error Responses: ***\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidDatabases - The provided databases IDs are not properly constructed database resource IDs. For the example of proper formatting see https://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update failover group request body is empty or invalid. Please provide a valid value of this field. For examples of properly formatted requests see \r\nhttps://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidDatabaseServer - One or more of the provided databases do not exist on the primary server of the failover group. Please make sure that all the databases exist on the primary server.\n\n * 400 FailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner server for Failover Group is supported. Please modify your request accordingly. For examples of valid requests see https://docs.microsoft.com/en-us/rest/api/sql/failovergroups/createorupdate \n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalid - The create or update failover group request body is empty or invalid.\n\n * 400 FailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 FailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 FailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint. Please remove it from request.\n\n * 400 FailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update failover group request body should not modify the read-only property '{0}'.\n\n * 400 FailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of failover group.\n\n * 400 FailoverGroupPartnerServerFromDifferentSubscription - Primary server and the partner servers of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 PartnerServerNotCompatible - The user is attempting to copy a database from a SAWA V1 server to a Sterling server or vice versa.\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 ResourcePoolNotFound - Specified elastic pool does not exist in the specified logical server.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in a Failover Group need to reside in different regions to provide isolation.\n\n * 400 FailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 FailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a Failover Group.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 DatabaseInFailoverGroupNotPrimary - GeoDR link for the database already exists, but its role is not 'Primary' or it is not continuous copy link.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 UnableToCreateFailoverGroupDueToTableAuditing - Failover Group cannot be created for server that has table auditing turned on.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 UnableToAddDbWithTableAuditingToFailoverGroup - Database with Table Auditing enabled will not be accessible through Failover Group endpoint.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 LimitOfFailoverGroupsPerServerExceeded - Creating new Failover Group will exceed the allowed number of Failover Groups per server.\n\n * 400 AzureKeyVaultMismatchError - Unexpected Key Vault region found in the http response.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 GeoReplicaLimitReached - The per-replica replication limit was reached.\n\n * 400 FailoverGroupWithVirtualNetworkRulesNotSupported - Failover Groups configured with an automatic failover policy are currently not supported on servers configured with virtual network firewall rules. Please configure the failover group with manual failover policy.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 401 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 401 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 401 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 401 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 401 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 FailoverGroupAlreadyExists - Failover group already exists on a given server. Please use different Failover Group name.\n\n * 409 FailoverGroupBusy - Failover Group is busy with another operation.\n\n * 409 DatabaseBelongsToOtherFailoverGroup - Database belongs to other Failover Group and cannot be consider a part of this one.\n\n * 409 DatabaseBeingAddedToFailoverGroup - The database is currently being added to Failover Group, customer needs to wait for this operation to finish to issue remove.\n\n * 409 DatabaseBeingRemovedFromFailoverGroup - The database is currently being removed from failover group, customer needs to wait for this operation to finish to issue add.\n\n * 409 FailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication seeding operation was performed on a database that is already in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout."
},
"202": {
"description": "Accepted"
}
},
"x-ms-long-running-operation": true,
"x-ms-examples": {
"Forced failover of a failover group allowing data loss": {
"$ref": "./examples/FailoverGroupForceFailoverAllowDataLoss.json"
}
}
}
}
},
"definitions": {
"FailoverGroupProperties": {
"description": "Properties of a failover group.",
"required": [
"readWriteEndpoint",
"partnerServers"
],
"type": "object",
"properties": {
"readWriteEndpoint": {
"$ref": "#/definitions/FailoverGroupReadWriteEndpoint",
"description": "Read-write endpoint of the failover group instance."
},
"readOnlyEndpoint": {
"$ref": "#/definitions/FailoverGroupReadOnlyEndpoint",
"description": "Read-only endpoint of the failover group instance."
},
"replicationRole": {
"description": "Local replication role of the failover group instance.",
"enum": [
"Primary",
"Secondary"
],
"type": "string",
"readOnly": true,
"x-ms-enum": {
"name": "FailoverGroupReplicationRole",
"modelAsString": true
}
},
"replicationState": {
"description": "Replication state of the failover group instance.",
"type": "string",
"readOnly": true
},
"partnerServers": {
"description": "List of partner server information for the failover group.",
"type": "array",
"items": {
"$ref": "#/definitions/PartnerInfo"
},
"x-ms-mutability": [
"read",
"create"
]
},
"databases": {
"description": "List of databases in the failover group.",
"type": "array",
"items": {
"type": "string"
}
}
}
},
"FailoverGroupReadWriteEndpoint": {
"description": "Read-write endpoint of the failover group instance.",
"required": [
"failoverPolicy"
],
"type": "object",
"properties": {
"failoverPolicy": {
"description": "Failover policy of the read-write endpoint for the failover group. If failoverPolicy is Automatic then failoverWithDataLossGracePeriodMinutes is required.",
"enum": [
"Manual",
"Automatic"
],
"type": "string",
"x-ms-enum": {
"name": "ReadWriteEndpointFailoverPolicy",
"modelAsString": true
}
},
"failoverWithDataLossGracePeriodMinutes": {
"format": "int32",
"description": "Grace period before failover with data loss is attempted for the read-write endpoint. If failoverPolicy is Automatic then failoverWithDataLossGracePeriodMinutes is required.",
"type": "integer"
}
}
},
"FailoverGroupReadOnlyEndpoint": {
"description": "Read-only endpoint of the failover group instance.",
"type": "object",
"properties": {
"failoverPolicy": {
"description": "Failover policy of the read-only endpoint for the failover group.",
"enum": [
"Disabled",
"Enabled"
],
"type": "string",
"x-ms-enum": {
"name": "ReadOnlyEndpointFailoverPolicy",
"modelAsString": true
}
}
}
},
"PartnerInfo": {
"description": "Partner server information for the failover group.",
"required": [
"id"
],
"type": "object",
"properties": {
"id": {
"description": "Resource identifier of the partner server.",
"type": "string"
},
"location": {
"description": "Geo location of the partner server.",
"type": "string",
"readOnly": true
},
"replicationRole": {
"description": "Replication role of the partner server.",
"enum": [
"Primary",
"Secondary"
],
"type": "string",
"readOnly": true,
"x-ms-enum": {
"name": "FailoverGroupReplicationRole",
"modelAsString": true
}
}
}
},
"FailoverGroup": {
"description": "A failover group.",
"type": "object",
"allOf": [
{
"$ref": "../../../common/v1/types.json#/definitions/ProxyResource"
}
],
"properties": {
"location": {
"description": "Resource location.",
"type": "string",
"readOnly": true
},
"tags": {
"description": "Resource tags.",
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"properties": {
"$ref": "#/definitions/FailoverGroupProperties",
"description": "Resource properties.",
"x-ms-client-flatten": true
}
}
},
"FailoverGroupUpdate": {
"description": "A failover group update request.",
"type": "object",
"properties": {
"properties": {
"$ref": "#/definitions/FailoverGroupUpdateProperties",
"description": "Resource properties.",
"x-ms-client-flatten": true
},
"tags": {
"description": "Resource tags.",
"type": "object",
"additionalProperties": {
"type": "string"
}
}
}
},
"FailoverGroupUpdateProperties": {
"description": "Properties of a failover group update.",
"type": "object",
"properties": {
"readWriteEndpoint": {
"$ref": "#/definitions/FailoverGroupReadWriteEndpoint",
"description": "Read-write endpoint of the failover group instance."
},
"readOnlyEndpoint": {
"$ref": "#/definitions/FailoverGroupReadOnlyEndpoint",
"description": "Read-only endpoint of the failover group instance."
},
"databases": {
"description": "List of databases in the failover group.",
"type": "array",
"items": {
"type": "string"
}
}
}
},
"FailoverGroupListResult": {
"description": "A list of failover groups.",
"type": "object",
"properties": {
"value": {
"description": "Array of results.",
"type": "array",
"items": {
"$ref": "#/definitions/FailoverGroup"
},
"readOnly": true
},
"nextLink": {
"description": "Link to retrieve next page of results.",
"type": "string",
"readOnly": true
}
}
}
},
"parameters": {},
"securityDefinitions": {
"azure_auth": {
"type": "oauth2",
"description": "Azure Active Directory OAuth2 Flow",
"flow": "implicit",
"authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
"scopes": {
"user_impersonation": "impersonate your user account"
}
}
}
}