Support for storage endpoints on the same subnet as the SQL managed instance
there is no support for storage endpoints on the same subnet as the SQL managed instance (forces to disable the firewall for the storage accounts used for db migrations)
A support engineer has just commented in a ticket I have open that enabling a storage endpoint IS supported and that he confirmed it himself; however, this was in the Commercial cloud. Two questions:
1) Can MSFT provide an accurate response in regards to whether or not it is supported in any Azure cloud and, if so, which ones?
2). If it isn't supported, what is the roadmap for support in both Commercial and Government clouds?
Juan Jose Miño commented
SQL MI Logs auditing to an storage account doesn't work although both are at the same subnet and Service Endpoints is configured accordingly. It only works when 'All networks' are allowed.
Mohsin Patel commented
This is catching us out too. You can currently only have controlled Security and Firewall on a storage account talking to a Managed Instance IF the storage account is not in the same region as the managed instance.
This is flawed as it would generally make sense to restore or migrate into a managed instance from data in the same region.
I would hope that the introduction of service endpoints into managed instances would sort this out