Cybergavin

My feedback

  1. 10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  SQL Managed Instance  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Cybergavin commented  · 

    Agree with Juanjo. We have separate resource groups for our Network Admins and DBAs. The resource groups owned by the Network group has the VNets. The SQL MI virtual cluster gets deployed into this resource group even though the SQL MI instance, NSG and route table gets deployed in the DBA resource group. Also, delegating permissions to DBAs for creation of new SQL MI instances in empty subnets is painful, warranting extra privileges for DBAs.

    Cybergavin supported this idea  · 
  2. 113 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Networking » Virtual Network  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Cybergavin commented  · 

    I'm pondering the same. Microsoft's "best practice" architecture is not best for customers from a cost perspective. The hub-and-spoke architecture makes sense if VNet-peering (at least in the same region) were free. Otherwise, with each spoke being a different VNet (in a possibly different subscription), a lot of traffic can potentially flow across the hub-spoke VNet peering links. Then we may be forced to minimize the number of VNet spokes and use subnets/NSGs/NVAs within VNets to provide isolation between lifecycle environments or business units.

Feedback and Knowledge Base