Commit 9f7430e

Albertyang0markingmynamev-aljetwinklecyrilrwestMSFT
authored
4/14/2025 AM Publish (#33802)
* [Azure SQL Database] Copilot GA release * Fabric changes for sp-rename and ALTER TABLE articles * [Azure SQL Database] Copilot GA release * made edits to the FAQ and removed some sample prompts * remove erroneous file * Moved the table of copilot prompts to a separate file and linked to it from the over view file * move the note * edit table file * acrolinx improvement * add description to prompt file * Removed all references to preview * edit best practices section * fix broken link * remove line 78 * add to tOC * Update docs/t-sql/statements/alter-table-transact-sql.md * update metadata * edit intro paragraph and H1 title * minor edits * add migration tags * minor edits * add an additional link to related content area * Update create-user-transact-sql.md Sid + type is also on Azure SQL Database * Update authentication-azure-ad-user-assigned-managed-identity.md Update the SMI portion of the Azure SQL DB to make use of the sid+type syntax. * Learn Editor: Update create-view-transact-sql.md * update Metadata * Learn Editor: Update create-view-transact-sql.md * Learn Editor: Update grant-object-permissions-transact-sql.md * update Metadata * Learn Editor: Update grant-object-permissions-transact-sql.md * correct typos and add question back to FAQ * [Azure SQL Database] more copilot edits * acrolinx improvement * acrolinx improvements * some more branding changes and minor edits * remove additional include file * pulling PRs to private * edit * [Azure SQL Database] minor edits and updates * Added missing column in output table Added the missing 'job_name' column in the output table. 
* Minor improvements * Apply suggestions from code review Co-authored-by: Chad Kittel <[email protected]> * At-scale migration assessment for SQL Server enabled by Azure Arc * Staging IO Analysis GA * Update docs/t-sql/statements/grant-object-permissions-transact-sql.md Co-authored-by: Van To <[email protected]> * 20250409 schemabinding * Confirm merge from FromPublicRepo to main to sync with https://github.com/MicrosoftDocs/sql-docs (branch live) (#33773) * 4/8/2025 AM Publish (#33752) * Fix include file and refresh associated articles * [SCOPED] SQL Tools content: Update author, add ms.collection, fix metadata * added edge case when the parameter is 0 * Edit pass * Update sys-databases-transact-sql.md * Merge pull request #33738 from MicrosoftDocs/release-azure-sql-copilot-ga [Azure SQL Database] Azure SQL Database Copilot - Release branch to main 04/08/2025 @ 1030am PST --------- Co-authored-by: Randolph West MSFT <[email protected]> Co-authored-by: James Barnett <[email protected]> Co-authored-by: YanoOfQueenscastle <[email protected]> Co-authored-by: TWINKLE CYRIL <[email protected]> Co-authored-by: prmerger-automator[bot] <40007230+prmerger-automator[bot]@users.noreply.github.com> Co-authored-by: Mark Ghanayem <[email protected]> * Added missing column in output table Added the missing 'job_name' column in the output table. 
--------- Co-authored-by: Bo wen Yang <[email protected]> Co-authored-by: Randolph West MSFT <[email protected]> Co-authored-by: James Barnett <[email protected]> Co-authored-by: YanoOfQueenscastle <[email protected]> Co-authored-by: TWINKLE CYRIL <[email protected]> Co-authored-by: prmerger-automator[bot] <40007230+prmerger-automator[bot]@users.noreply.github.com> Co-authored-by: Mark Ghanayem <[email protected]> Co-authored-by: finnigd <[email protected]> * correct conflict * reworked the order * Update docs/t-sql/statements/create-view-transact-sql.md Co-authored-by: Mark Ghanayem <[email protected]> * 20250409 1059 edit pass * 20250409 edit pass acrolinx * Updated steps for NSP (#33759) * Updated steps for NSP * Fixed image path * review and remove sensitive info * edit * rename image resources --------- Co-authored-by: VanMSFT <[email protected]> * Remove a fixed known issue * Correct extra script contents info (#33787) * SQL tools content freshness pass (#33754) Co-authored-by: Erin Stellato <[email protected]> * Update import-flat-file-wizard.md (#10062) * Update .NET passwordless flow update tabs simplify code * Edit pass * Update azure-sql/virtual-machines/windows/storage-performance-analysis.md * Add a best practice for dropping resource pools (#33783) * Update sql-server-linux-configure-mssql-conf.md (#33728) --------- Co-authored-by: Mark Ghanayem <[email protected]> Co-authored-by: Alma Jenks <[email protected]> Co-authored-by: TWINKLE CYRIL <[email protected]> Co-authored-by: Randolph West MSFT <[email protected]> Co-authored-by: Jodi Martis <[email protected]> Co-authored-by: James Barnett <[email protected]> Co-authored-by: Pratim Dasgupta <[email protected]> Co-authored-by: chroux <[email protected]> Co-authored-by: VanMSFT <[email protected]> Co-authored-by: finnigd <[email protected]> Co-authored-by: Jovan Popovic (MSFT) <[email protected]> Co-authored-by: Chad Kittel <[email protected]> Co-authored-by: prmerger-automator[bot] 
<40007230+prmerger-automator[bot]@users.noreply.github.com> Co-authored-by: Ajith Krishnan <[email protected]> Co-authored-by: Masha MSFT <[email protected]> Co-authored-by: Regan Downer <[email protected]> Co-authored-by: William Assaf MSFT <[email protected]> Co-authored-by: learn-build-service-prod[bot] <113403604+learn-build-service-prod[bot]@users.noreply.github.com> Co-authored-by: YanoOfQueenscastle <[email protected]> Co-authored-by: Learn Build Service GitHub App <Learn Build Service [email protected]> Co-authored-by: Jill Grant <[email protected]> Co-authored-by: sudhanshukhera <[email protected]> Co-authored-by: Dimitri Furman <[email protected]> Co-authored-by: Drew Skwiers-Koballa <[email protected]> Co-authored-by: Erin Stellato <[email protected]> Co-authored-by: Steve Jones <[email protected]> Co-authored-by: Alex Wolf <[email protected]> Co-authored-by: Nicolas Blais Miko <[email protected]>
1 parent dd6a79f commit 9f7430e

2 files changed

+34
-11
lines changed

azure-sql/database/authentication-azure-ad-user-assigned-managed-identity.md

Lines changed: 28 additions & 5 deletions
@@ -5,7 +5,7 @@ description: Learn about system assigned and user assigned managed identities in
55
author: VanMSFT
66
ms.author: vanto
77
ms.reviewer: vanto, wiassaf, mathoma
8-
ms.date: 10/24/2023
8+
ms.date: 04/08/2025
99
ms.service: azure-sql
1010
ms.subservice: security
1111
ms.custom: has-azure-ad-ps-ref, azure-ad-ref-level-one-done
@@ -25,7 +25,7 @@ Previously, only an SMI could be assigned to the Azure SQL Managed Instance or S
2525

2626
In addition to using a UMI and an SMI as the instance or server identity, you can use them to access the database by using the SQL connection string option `Authentication=Active Directory Managed Identity`. You need to create a SQL user from the managed identity in the target database by using the [CREATE USER](/sql/t-sql/statements/create-user-transact-sql) statement. For more information, see [Using Microsoft Entra authentication with SqlClient](/sql/connect/ado-net/sql/azure-active-directory-authentication).
2727

28-
To retrieve the current UMI(s) or SMI for Azure SQL Managed instance or Azure SQL Database, see [Get or set a managed identity for a logical server or managed instance](#get-or-set-a-managed-identity-for-a-logical-server-or-managed-instance) later in this article.
28+
To retrieve the current UMIs or SMI for Azure SQL Managed instance or Azure SQL Database, see [Get or set a managed identity for a logical server or managed instance](#get-or-set-a-managed-identity-for-a-logical-server-or-managed-instance) later in this article.
2929

3030
## Benefits of using user-assigned managed identities
3131

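Review bot: The rewritten line 28 still spells the product name as "Azure SQL Managed instance" with a lowercase "instance", while the bullet changed later in this same file uses "Azure SQL Managed Instance". Since the line is being touched for the "UMI(s)" fix anyway, capitalize the product name here as well.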
@@ -61,6 +61,29 @@ These permissions should be granted before you provision a logical server or man
6161
- [GroupMember.Read.All](/graph/permissions-reference#group-permissions): Allows access to Microsoft Entra group information.
6262
- [Application.Read.ALL](/graph/permissions-reference#application-resource-permissions): Allows access to Microsoft Entra service principal (application) information.
6363

64+
### Permissions for SMI
65+
66+
The same Microsoft Graph applications are needed for the SMI, but the UMI permissions can be eliminated for Azure SQL Database using an SMI. The `CREATE USER` T-SQL syntax would need the `SID` and `TYPE` syntax, as described in the article, [CREATE USER (Transact-SQL)](/sql/t-sql/statements/create-user-transact-sql#syntax).
67+
68+
```syntaxsql
69+
CREATE USER
70+
{
71+
Microsoft_Entra_principal FROM EXTERNAL PROVIDER [ WITH <limited_options_list> [ ,... ] ]
72+
| Microsoft_Entra_principal WITH <options_list> [ ,... ]
73+
}
74+
[ ; ]
75+
76+
<limited_options_list> ::=
77+
DEFAULT_SCHEMA = schema_name
78+
| OBJECT_ID = 'objectid'
79+
<options_list> ::=
80+
DEFAULT_SCHEMA = schema_name
81+
| SID = sid
82+
| TYPE = { X | E }
83+
```
84+
85+
The above syntax allows creation of Microsoft Entra users without validation. For this to work, the `Object Id` of the Microsoft Entra principal would have to be supplied and used as an `SID` in the T-SQL statement, as explained in [Create a contained database user from a Microsoft Entra principal without validation](/sql/t-sql/statements/create-user-transact-sql#k-create-a-contained-database-user-from-a-microsoft-entra-principal-without-validation).
86+
6487
### Grant permissions
6588

6689
The following sample PowerShell script grants the necessary permissions for a managed identity. This sample assigns permissions to the user-assigned managed identity `umiservertest`.
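Review bot: The first sentence of the new "Permissions for SMI" section (new line 66) makes two statements that pull against each other: the same Microsoft Graph "applications" are needed for the SMI, and the UMI permissions can be eliminated when Azure SQL Database uses an SMI. The list just above it is a list of Graph permissions, so "applications" looks like a slip for "permissions", and the sentence should say plainly which permissions are still required and which are not once `SID` and `TYPE` are used. On new line 85, "without validation" needs one more sentence on the consequence: per the `SID` description in create-user-transact-sql.md, the engine doesn't validate the specified ID in Microsoft Entra, so the reader has to confirm that the value belongs to the intended identity before running `CREATE USER`.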
@@ -149,7 +172,7 @@ The Azure portal displays the system-assigned managed identity (SMI) ID in the *
149172

150173
:::image type="content" source="media/authentication-azure-ad-user-assigned-managed-identity/get-system-assigned-managed-identity-azure-sql-server-azure-portal.png" alt-text="Screenshot of the Azure portal page for an Azure SQL Database logical server. In the Properties menu, the System Assigned Managed Identity is highlighted.":::
151174

152-
- To retrieve the UMI(s) for Azure SQL Managed Instance or Azure SQL Database, use the following PowerShell or Azure CLI examples.
175+
- To retrieve the UMIs for Azure SQL Managed Instance or Azure SQL Database, use the following PowerShell or Azure CLI examples.
153176
- To retrieve the SMI for Azure SQL Managed Instance, use the following PowerShell or Azure CLI examples.
154177

155178
### Set a managed identity in the Azure portal
@@ -211,7 +234,7 @@ The Azure CLI 2.26.0 (or later) is required to run these commands with a UMI.
211234
212235
- To provision a new server with a UMI, use the [New-AzSqlServer](/powershell/module/az.sql/new-azsqlserver) command.
213236
- To obtain the managed identities for a logical server, use the [Get-AzSqlServer](/powershell/module/az.sql/get-azsqlserver) command.
214-
- For example, to retrieve the UMI(s) of a logical server, look for the `principalId` of each:
237+
- For example, to retrieve the UMIs of a logical server, look for the `principalId` of each:
215238
216239
```powershell
217240
$MI = Get-AzSqlServer -ResourceGroupName "resourcegroupnamehere" -Name "sql-logical-server-name-here"
@@ -231,7 +254,7 @@ The Azure CLI 2.26.0 (or later) is required to run these commands with a UMI.
231254
232255
- To provision a new managed instance with a UMI, use the [New-AzSqlInstance](/powershell/module/az.sql/new-azsqlinstance) command.
233256
- To obtain the managed identities for a managed instance, use the [Get-AzSqlInstance](/powershell/module/az.sql/get-azsqlinstance) command.
234-
- For example, to retrieve the UMI(s) of a managed instance, look for the `principalId` of each:
257+
- For example, to retrieve the UMIs of a managed instance, look for the `principalId` of each:
235258
236259
```powershell
237260
$MI = Get-AzSqlInstance -ResourceGroupName "resourcegroupnamehere" -Name "sql-mi-name-here"

docs/t-sql/statements/create-user-transact-sql.md

Lines changed: 6 additions & 6 deletions
@@ -4,7 +4,7 @@ description: CREATE USER (Transact-SQL)
44
author: VanMSFT
55
ms.author: vanto
66
ms.reviewer: wiassaf, jaszymas
7-
ms.date: 11/20/2024
7+
ms.date: 04/08/2025
88
ms.service: sql
99
ms.subservice: t-sql
1010
ms.topic: reference
@@ -121,8 +121,8 @@ CREATE USER user_name
121121
DEFAULT_SCHEMA = schema_name
122122
| DEFAULT_LANGUAGE = { NONE | lcid | language name | language alias }
123123
| SID = sid
124-
| ALLOW_ENCRYPTED_VALUE_MODIFICATIONS = [ ON | OFF ] ]
125-
124+
| ALLOW_ENCRYPTED_VALUE_MODIFICATIONS = [ ON | OFF ] ]
125+
126126
<limited_options_list> ::=
127127
DEFAULT_SCHEMA = schema_name ]
128128
| ALLOW_ENCRYPTED_VALUE_MODIFICATIONS = [ ON | OFF ] ]
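Review bot: The re-added `| ALLOW_ENCRYPTED_VALUE_MODIFICATIONS = [ ON | OFF ] ]` line still ends with a closing bracket that has no matching opening bracket in this option list; as shown here it reads the same as the removed line, so the change appears to be whitespace only. The same unmatched `]` is on `DEFAULT_SCHEMA = schema_name ]` and the line after it under `<limited_options_list>`. While the line is being touched, drop the stray brackets (or restore the opening ones) so the grammar is balanced as written.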
@@ -160,7 +160,7 @@ CREATE USER Microsoft_Entra_principal FROM EXTERNAL PROVIDER
160160
[;]
161161
```
162162

163-
Syntax for [!INCLUDE [fabric-sqldb](../../includes/fabric-sqldb.md)]
163+
Syntax for [!INCLUDE [fabric-sqldb](../../includes/fabric-sqldb.md)] and Azure SQL Database
164164

165165
```syntaxsql
166166
CREATE USER
@@ -274,7 +274,7 @@ CREATE USER user_name
274274
In SQL database in Microsoft Fabric, `sid` should be a valid ID of the specified Microsoft Entra principal. If the principal is a user or a group, the ID should be a Microsoft Entra object ID of the user/group. If the Microsoft Entra principal is a service principal (an application or a managed identity), the ID should be an application ID (or a client ID). The specified ID must be a `binary(16)` value. The [!INCLUDE[ssDE](../../includes/ssde-md.md)] doesn't validate the specified ID in Microsoft Entra. The `SID` argument must be used together with `TYPE`.
275275

276276
#### TYPE = [ E | X ]
277-
**Applies to**: SQL database in Microsoft Fabric.
277+
**Applies to**: SQL database in Microsoft Fabric and Azure SQL Database.
278278

279279
Specifies the type of a Microsoft Entra principal. `E` indicates the principal is a user or a service principal (an application or a managed identity). `X` indicates the principal is a group.
280280

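Review bot: The "Applies to" line for `TYPE` now includes Azure SQL Database, but the `SID` paragraph directly above it (line 274) still opens with "In SQL database in Microsoft Fabric" and was not updated, so two arguments that must be used together now have different stated scope. That paragraph also says the ID for a service principal, including a managed identity, should be the application ID (or client ID), whereas the section added to authentication-azure-ad-user-assigned-managed-identity.md in this commit tells readers to supply the `Object Id` as the `SID`. Because the ID is not validated, the two articles should agree on which value to use for a managed identity. The heading here writes `TYPE = [ E | X ]` while the syntax block added in the other file writes `TYPE = { X | E }`; pick one notation.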
@@ -577,7 +577,7 @@ GO
577577

578578
### K. Create a contained database user from a Microsoft Entra principal without validation
579579

580-
**Applies to**: [!INCLUDE [fabric-sqldb](../../includes/fabric-sqldb.md)]
580+
**Applies to**: [!INCLUDE [fabric-sqldb](../../includes/fabric-sqldb.md)] and Azure SQL Database
581581

582582
The examples in this section create database users for Microsoft Entra principals, without validating principal names in Microsoft Entra.
583583
