diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/DatabaseEncryptionProtectorRevalidate.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/DatabaseEncryptionProtectorRevalidate.json index bafd803ea454..ad138638535d 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/DatabaseEncryptionProtectorRevalidate.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/DatabaseEncryptionProtectorRevalidate.json @@ -59,7 +59,7 @@ "description": "Successfully revalidated the encryption protector." }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 DatabaseLevelEncryptionProtectorDoesNotExist - Database-level encryption protector does not exist.\n\n * 400 RevertDatabaseLevelKeyOnlySupportedWithSMK - Database-level encryption protector can only be reverted to the server level encryption when the server is configured with Microsoft Managed Key.\n\n * 400 InvalidEncryptionProtectorName - The encryption protector key name is not supported.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 ManagementServiceManagedServerDisabled - Operation failed since Managed Instance '{0}' is disabled. Please enable Managed Instance and try again.\n\n * 400 MiGeoRestoreWithWrongBackupStorageRedundancy - Geo-Restore is not allowed for managed instances with LRS/ZRS backup storage redundancy.\n\n * 400 LastBackupNameHasNewline - Please do not use forbidden characters ('\\n', '\\r') in lastBackupName.\n\n * 400 LastBackupNameHasNonAsciiCharacter - The operation was aborted because the 'LastBackupName' parameter contains invalid characters. Only ASCII characters are allowed.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 LRSCutoverDatabaseDoesNotExist - The operation was aborted because the database name specified in the request doesn't match any database name on the specified server.\n\n * 400 LRSCutoverDatabaseNotInRestoringState - The operation was aborted because the specified database is not in restoring state.\n\n * 400 LRSCutoverDatabaseAlreadyRestored - The operation was aborted because the specified database was already restored.\n\n * 400 LRSCutoverAlreadyInitiated - The operation was aborted because a cutover for the specified database is already in progress.\n\n * 400 ManagementServiceFeatureDisabled - User attempted to use a feature which is disabled.\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 UpdatingInstanceAndBackupRedundancy - Instance zone redundancy and backup storage redundancy cannot be updated in the same request.\n\n * 400 DeleteOfManagedInstanceIsDisabled - Delete operation of managed instance is disabled.\n\n * 400 RequestCantLandOnPaaSv2Platform - Request needs to land on PaaSv2 platform but PaaSv2 is not enabled.\n\n * 400 CustomMaintenanceWindowIsDisabled - Custom maintenance window is not enabled.\n\n * 400 DeleteOfVersion2VirtualClusterIsDisabled - Delete of virtual cluster with version 2 is not enabled.\n\n * 400 DeleteOfVirtualClusterIsDisabled - Delete of virtual cluster is not enabled.\n\n * 400 MICantBeMovedFromOrToInstancePool - Existing managed instance can't be moved to managed instance pool.\n\n * 400 DnsRefreshOnVirtualClusterIsDisabled - Refresh of DNS records on virtual cluster is not enabled.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerKeyNotFound - The requested server key was not found on the current subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 EncryptionProtectorChangeInProgress - Cannot update database encryption key protector while protector change is already in progress\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 MiCreateFailedNonDelegatedSubnet - User tried to deploy Managed Instance or Managed Instance pool in subnet that is not delegated to Microsoft.Sql/managedInstances.\n\n * 409 InstancePoolBusy - An instance pool is busy with another ongoing operation\n\n * 409 ConflictingManagedInstanceOperation - An operation is currently in progress for the managed instance.\n\n * 409 BackupRedundancyUpdateAndInstanceRedundancyConflict - The instance is multi-az but backup storage is being updated from zone redundant to non-zone redundant.\n\n * 409 InstanceRedundancyUpdateWhileBackupRedundancyUpdateInProgress - Cannot update instance redundancy because backup storage redundancy update is in progress.\n\n * 409 InstanceRedundancyUpdateAndBackupRedundancyConflict - The backup storage is non-zone redundant but instance redundancy is being updated to zone redundant.\n\n * 409 BackupRedundancyUpdateConflict - Cannot update backup storage redundancy because a backup storage redundancy update is already in progress.\n\n * 409 MiDropFailedOnAuthLocks - User tried to drop last Managed Instance in subnet that has Lock applied on resource(s).\n\n * 412 InstanceNotReadyForBackupRedundancyUpdate - Cannot update backup storage redundancy because the instance is not ready.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 DatabaseLevelEncryptionProtectorDoesNotExist - Database-level encryption protector does not exist.\n\n * 400 RevertDatabaseLevelKeyOnlySupportedWithSMK - Database-level encryption protector can only be reverted to the server level encryption when the server is configured with Microsoft Managed Key.\n\n * 400 InvalidEncryptionProtectorName - The encryption protector key name is not supported.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 ManagementServiceManagedServerDisabled - Operation failed since Managed Instance '{0}' is disabled. Please enable Managed Instance and try again.\n\n * 400 MiGeoRestoreWithWrongBackupStorageRedundancy - Geo-Restore is not allowed for managed instances with LRS/ZRS backup storage redundancy.\n\n * 400 LastBackupNameHasNewline - Please do not use forbidden characters ('\\n', '\\r') in lastBackupName.\n\n * 400 LastBackupNameHasNonAsciiCharacter - The operation was aborted because the 'LastBackupName' parameter contains invalid characters. Only ASCII characters are allowed.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 LRSCutoverDatabaseDoesNotExist - The operation was aborted because the database name specified in the request doesn't match any database name on the specified server.\n\n * 400 LRSCutoverDatabaseNotInRestoringState - The operation was aborted because the specified database is not in restoring state.\n\n * 400 LRSCutoverDatabaseAlreadyRestored - The operation was aborted because the specified database was already restored.\n\n * 400 LRSCutoverAlreadyInitiated - The operation was aborted because a cutover for the specified database is already in progress.\n\n * 400 ManagementServiceFeatureDisabled - User attempted to use a feature which is disabled.\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 UpdatingInstanceAndBackupRedundancy - Instance zone redundancy and backup storage redundancy cannot be updated in the same request.\n\n * 400 DeleteOfManagedInstanceIsDisabled - Delete operation of managed instance is disabled.\n\n * 400 RequestCantLandOnPaaSv2Platform - Request needs to land on PaaSv2 platform but PaaSv2 is not enabled.\n\n * 400 CustomMaintenanceWindowIsDisabled - Custom maintenance window is not enabled.\n\n * 400 DeleteOfVersion2VirtualClusterIsDisabled - Delete of virtual cluster with version 2 is not enabled.\n\n * 400 DeleteOfVirtualClusterIsDisabled - Delete of virtual cluster is not enabled.\n\n * 400 MICantBeMovedFromOrToInstancePool - Existing managed instance can't be moved to managed instance pool.\n\n * 400 DnsRefreshOnVirtualClusterIsDisabled - Refresh of DNS records on virtual cluster is not enabled.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerKeyNotFound - The requested server key was not found on the current subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 EncryptionProtectorChangeInProgress - Cannot update database encryption key protector while protector change is already in progress\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 MiCreateFailedNonDelegatedSubnet - User tried to deploy Managed Instance or Managed Instance pool in subnet that is not delegated to Microsoft.Sql/managedInstances.\n\n * 409 InstancePoolBusy - An instance pool is busy with another ongoing operation\n\n * 409 ConflictingManagedInstanceOperation - An operation is currently in progress for the managed instance.\n\n * 409 BackupRedundancyUpdateAndInstanceRedundancyConflict - The instance is multi-az but backup storage is being updated from zone redundant to non-zone redundant.\n\n * 409 InstanceRedundancyUpdateWhileBackupRedundancyUpdateInProgress - Cannot update instance redundancy because backup storage redundancy update is in progress.\n\n * 409 InstanceRedundancyUpdateAndBackupRedundancyConflict - The backup storage is non-zone redundant but instance redundancy is being updated to zone redundant.\n\n * 409 BackupRedundancyUpdateConflict - Cannot update backup storage redundancy because a backup storage redundancy update is already in progress.\n\n * 409 MiDropFailedOnAuthLocks - User tried to drop last Managed Instance in subnet that has Lock applied on resource(s).\n\n * 412 InstanceNotReadyForBackupRedundancyUpdate - Cannot update backup storage redundancy because the instance is not ready.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/DatabaseEncryptionProtectorRevert.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/DatabaseEncryptionProtectorRevert.json index 19bc3fee6c90..21fbaaa67ce0 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/DatabaseEncryptionProtectorRevert.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/DatabaseEncryptionProtectorRevert.json @@ -59,7 +59,7 @@ "description": "Successfully Reverted the encryption protector." }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 DatabaseLevelEncryptionProtectorDoesNotExist - Database-level encryption protector does not exist.\n\n * 400 RevertDatabaseLevelKeyOnlySupportedWithSMK - Database-level encryption protector can only be reverted to the server level encryption when the server is configured with Microsoft Managed Key.\n\n * 400 InvalidEncryptionProtectorName - The encryption protector key name is not supported.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerKeyNotFound - The requested server key was not found on the current subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 EncryptionProtectorChangeInProgress - Cannot update database encryption key protector while protector change is already in progress\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 DatabaseLevelEncryptionProtectorDoesNotExist - Database-level encryption protector does not exist.\n\n * 400 RevertDatabaseLevelKeyOnlySupportedWithSMK - Database-level encryption protector can only be reverted to the server level encryption when the server is configured with Microsoft Managed Key.\n\n * 400 InvalidEncryptionProtectorName - The encryption protector key name is not supported.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerKeyNotFound - The requested server key was not found on the current subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 EncryptionProtectorChangeInProgress - Cannot update database encryption key protector while protector change is already in progress\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/Databases.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/Databases.json index b146ae85a247..f14db276343a 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/Databases.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/Databases.json @@ -31,8 +31,32 @@ "$ref": "#/parameters/ServerNameParameter" }, { - "name": "$skipToken", + "name": "$top", "in": "query", + "description": "The number of elements to return from the collection.", + "required": false, + "type": "integer", + "format": "int64" + }, + { + "name": "$skip", + "in": "query", + "description": "The number of elements in the collection to skip.", + "required": false, + "type": "integer", + "format": "int64" + }, + { + "name": "$filter", + "in": "query", + "description": "An OData filter expression that filters elements in the collection.", + "required": false, + "type": "string" + }, + { + "name": "$orderby", + "in": "query", + "description": "How the results should be ordered.", "required": false, "type": "string" }, @@ -57,10 +81,14 @@ } } }, + "x-ms-odata": "#/definitions/Database", "x-ms-pageable": { "nextLinkName": "nextLink" }, "x-ms-examples": { + "Gets a list of databases with OData filtering.": { + "$ref": "./examples/ListVCoreDatabasesByServerWithOdata.json" + }, "Gets a list of databases.": { "$ref": "./examples/ListVCoreDatabasesByServer.json" }, @@ -87,20 +115,6 @@ { "$ref": "#/parameters/DatabaseNameParameter" }, - { - "name": "$expand", - "in": "query", - "description": "The child resources to include in the response.", - "required": false, - "type": "string" - }, - { - "name": "$filter", - "in": "query", - "description": "An OData filter expression that filters elements in the collection.", - "required": false, - "type": "string" - }, { "$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter" }, @@ -122,7 +136,6 @@ } } }, - "x-ms-odata": "#/definitions/Database", "x-ms-examples": { "Gets a database configured with Default enclave type.": { "$ref": "./examples/GetVCoreDatabaseDefaultEnclave.json" @@ -133,9 +146,6 @@ "Gets a database.": { "$ref": "./examples/GetVCoreDatabase.json" }, - "Gets a database with database level keys expanded.": { - "$ref": "./examples/GetVCoreDatabaseWithExpandEqualsKeys.json" - }, "Gets a database with Availability zone specified.": { "$ref": "./examples/GetDatabaseWithAvailabilityZone.json" }, @@ -1500,6 +1510,11 @@ "encryptionProtectorAutoRotation": { "description": "The flag to enable or disable auto rotation of database encryption protector AKV key.", "type": "boolean" + }, + "provisioningState": { + "description": "Specifies the provisioning state for this resource", + "type": "string", + "readOnly": true } } }, @@ -1929,6 +1944,11 @@ "encryptionProtectorAutoRotation": { "description": "The flag to enable or disable auto rotation of database encryption protector AKV key.", "type": "boolean" + }, + "provisioningState": { + "description": "Specifies the provisioning state for this resource", + "type": "string", + "readOnly": true } } }, diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/DistributedAvailabilityGroups.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/DistributedAvailabilityGroups.json index 5b608ab5fe5c..ae4f006d0838 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/DistributedAvailabilityGroups.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/DistributedAvailabilityGroups.json @@ -45,7 +45,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 ManagedInstanceSubnetNameIsReservedAndNotAllowed - Managed Instance can not be created with reserved subnet name. The following subnet names are reserved in Azure: AzureFirewallSubnet, AzureFirewallManagementSubnet, AzureBastionSubnet, and GatewaySubnet.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -97,7 +97,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 ManagedInstanceSubnetNameIsReservedAndNotAllowed - Managed Instance can not be created with reserved subnet name. The following subnet names are reserved in Azure: AzureFirewallSubnet, AzureFirewallManagementSubnet, AzureBastionSubnet, and GatewaySubnet.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -153,7 +153,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 InvalidDistributedAvailabilityGroupsCreateOrUpdateRequest - Distributed Availability Group Create or Update request body is empty or invalid.\n\n * 400 InvalidDistributedAvailabilityGroupsCreateOrUpdateRequestInstanceAvailabilityGroupName - Distributed Availability Group Create or Update request body has empty or Invalid Instance Availability Group Name.\n\n * 400 InvalidDistributedAvailabilityGroupsCreateOrUpdateRequestPartnerAvailabilityGroupName - Distributed Availability Group Create or Update request body has empty or Invalid Partner Availability Group Name.\n\n * 400 InvalidDistributedAvailabilityGroupsCreateOrUpdateRequestPartnerEndpoint - Distributed Availability Group Create or Update request body has empty or Invalid Partner Endpoint.\n\n * 400 InvalidDistributedAvailabilityGroupsCreateOrUpdateRequestDatabases - Distributed Availability Group Create or Update request body has empty or Invalid Databases.\n\n * 400 InstanceAvailabilityGroupNamePartnerAvailabilityGroupNameMatch - Distributed Availability Group Create or Update request body has equal Instance and Partner Availability Group Names.\n\n * 400 InvalidDistributedAvailabilityGroupsCreateOrUpdateRequestSeedingMode - Distributed Availability Group Create or Update request body has empty or Invalid Seeding Mode. Currently, only the 'Automatic' mode is supported.\n\n * 400 CloudLifterChimeraMIAgNameIsAlreadyUsed - Managed Instance link cannot be created because Managed Instance side AG name '{0}' is already used on Managed Instance '{1}'. Choose different name and retry to create link.\n\n * 400 CloudLifterChimeraBoxAndMiOnDifferentDbVersionsFailoverModeManual - The link supporting bi-directional failover requires matching database formats on source and target server.\n\n * 400 ManagedInstanceLinkConnectivityIsNotEstablished - Operation was aborted as replication to Azure SQL Managed Instance did not start within '{0}' minutes since it was initiated. Please verify the network connectivity and firewall rules are configured according to the guidelines described at https://aka.ms/mi-link-troubleshooting, and retry the operation.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 ManagedInstanceLinkCertificateNotFoundOnManagedInstance - Managed instance link connection can not be established due to certificate missing on the managed instance.\n\n * 400 ManagedInstanceLinkForProvidedAvailabilityGroupsAlreadyExists - It is not possible to add an additional database to an existing Managed Instance link as a single link can contain only one database. Please use a different distributed availability group name and try again.\n\n * 400 ManagedInstanceLinkCertificateNotFoundOnSqlServer - Managed instance link connection can not be established due to certificate missing on the on-prem sql server.\n\n * 400 ManagedInstanceLinkTdeCertificateMissing - Azure SQL Managed Instance link cannot be created with source database on SQL Server, because the database is using Transparent Data Encryption (TDE) and the destination managed instance does not have the encryption key for this database. Ensure that the database encryption key from SQL Server is exported and uploaded to Azure Key vault, then selected for use in managed instance TDE configuration and try again.\n\n * 400 CloudLifterChimeraAvailabilityGroupConnectionCannotBeEstablished - Connection with availability group cannot be established as it is not responding. Possible causes could be nonexistence of availability group or distributed availability group on the partner server, incorrectly specified names or configuration parameters.\n\n * 400 CloudLifterChimeraEstablishDbConnectionNotEstablished - Connection with availability group is established, but there is no response from the target database. Possible causes could be errors with creating a database on the partner server, incorrectly specified names or configuration parameters.\n\n * 400 ManagedInstanceLinkSourceDbHasHekatonFile - Memory-optimized filegroup must be empty on the SQL Server source database when replicated to Azure SQL Managed Instance General Purpose service tier. Consider emptying the memory optimized filegroup on the source database and try again. Alternatively consider using Managed Instance Business Critical service tier without making any changes.\n\n * 400 ManagedInstanceLinkSourceDbHasMultipleLogFiles - Source database on SQL Server needs to have a single log file instead of multiple log files for data replication to Azure SQL Managed Instance. Consider using a single log file on the source database and try again.\n\n * 400 ManagedInstanceLinkIsNotFound - The link with Managed Instance was not successfully created or was deleted before data copy operation has completed.\n\n * 400 ManagedInstanceLinkUnsupportedNumberOfFilesOnSourceDb - Maximum number of '{0}' files was reached on Azure SQL Managed Instance preventing data replication. Consider reducing the number of files on the source and try again.\n\n * 400 ManagedInstanceLinkIsNotInTheCatchupState - The link with Managed Instance is not in the catchup state after the data copy link operation completed.\n\n * 400 ManagedInstanceLinkSourceDbHasFilestream - Source database on SQL Server must not use FileStream or FileTables for data replication to Azure SQL Managed Instance. Consider removing FileStream and FileTables on the source database on SQL Server and try again.\n\n * 400 ManagedInstanceLinkSourceDbHasDefunctFiles - Source database '{0}' on SQL Server must not contain files in DEFUNCT state for data replication to Azure SQL Managed Instance to work.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 ManagedInstanceSubnetNameIsReservedAndNotAllowed - Managed Instance can not be created with reserved subnet name. The following subnet names are reserved in Azure: AzureFirewallSubnet, AzureFirewallManagementSubnet, AzureBastionSubnet, and GatewaySubnet.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 InvalidDistributedAvailabilityGroupsCreateOrUpdateRequest - Distributed Availability Group Create or Update request body is empty or invalid.\n\n * 400 InvalidDistributedAvailabilityGroupsCreateOrUpdateRequestInstanceAvailabilityGroupName - Distributed Availability Group Create or Update request body has empty or Invalid Instance Availability Group Name.\n\n * 400 InvalidDistributedAvailabilityGroupsCreateOrUpdateRequestPartnerAvailabilityGroupName - Distributed Availability Group Create or Update request body has empty or Invalid Partner Availability Group Name.\n\n * 400 InvalidDistributedAvailabilityGroupsCreateOrUpdateRequestPartnerEndpoint - Distributed Availability Group Create or Update request body has empty or Invalid Partner Endpoint.\n\n * 400 InvalidDistributedAvailabilityGroupsCreateOrUpdateRequestDatabases - Distributed Availability Group Create or Update request body has empty or Invalid Databases.\n\n * 400 InstanceAvailabilityGroupNamePartnerAvailabilityGroupNameMatch - Distributed Availability Group Create or Update request body has equal Instance and Partner Availability Group Names.\n\n * 400 InvalidDistributedAvailabilityGroupsCreateOrUpdateRequestSeedingMode - Distributed Availability Group Create or Update request body has empty or Invalid Seeding Mode. Currently, only the 'Automatic' mode is supported.\n\n * 400 CloudLifterChimeraMIAgNameIsAlreadyUsed - Managed Instance link cannot be created because Managed Instance side AG name '{0}' is already used on Managed Instance '{1}'. Choose different name and retry to create link.\n\n * 400 CloudLifterChimeraBoxAndMiOnDifferentDbVersionsFailoverModeManual - The link supporting bi-directional failover requires matching database formats on source and target server.\n\n * 400 ManagedInstanceLinkConnectivityIsNotEstablished - Operation was aborted as replication to Azure SQL Managed Instance did not start within '{0}' minutes since it was initiated. Please verify the network connectivity and firewall rules are configured according to the guidelines described at https://aka.ms/mi-link-troubleshooting, and retry the operation.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 ManagedInstanceLinkCertificateNotFoundOnManagedInstance - Managed instance link connection can not be established due to certificate missing on the managed instance.\n\n * 400 ManagedInstanceLinkForProvidedAvailabilityGroupsAlreadyExists - It is not possible to add an additional database to an existing Managed Instance link as a single link can contain only one database. Please use a different distributed availability group name and try again.\n\n * 400 ManagedInstanceLinkCertificateNotFoundOnSqlServer - Managed instance link connection can not be established due to certificate missing on the on-prem sql server.\n\n * 400 ManagedInstanceLinkTdeCertificateMissing - Azure SQL Managed Instance link cannot be created with source database on SQL Server, because the database is using Transparent Data Encryption (TDE) and the destination managed instance does not have the encryption key for this database. Ensure that the database encryption key from SQL Server is exported and uploaded to Azure Key vault, then selected for use in managed instance TDE configuration and try again.\n\n * 400 CloudLifterChimeraAvailabilityGroupConnectionCannotBeEstablished - Connection with availability group cannot be established as it is not responding. Possible causes could be nonexistence of availability group or distributed availability group on the partner server, incorrectly specified names or configuration parameters.\n\n * 400 CloudLifterChimeraEstablishDbConnectionNotEstablished - Connection with availability group is established, but there is no response from the target database. Possible causes could be errors with creating a database on the partner server, incorrectly specified names or configuration parameters.\n\n * 400 ManagedInstanceLinkSourceDbHasHekatonFile - Memory-optimized filegroup must be empty on the SQL Server source database when replicated to Azure SQL Managed Instance General Purpose service tier. Consider emptying the memory optimized filegroup on the source database and try again. Alternatively consider using Managed Instance Business Critical service tier without making any changes.\n\n * 400 ManagedInstanceLinkSourceDbHasMultipleLogFiles - Source database on SQL Server needs to have a single log file instead of multiple log files for data replication to Azure SQL Managed Instance. Consider using a single log file on the source database and try again.\n\n * 400 ManagedInstanceLinkIsNotFound - The link with Managed Instance was not successfully created or was deleted before data copy operation has completed.\n\n * 400 ManagedInstanceLinkUnsupportedNumberOfFilesOnSourceDb - Maximum number of '{0}' files was reached on Azure SQL Managed Instance preventing data replication. Consider reducing the number of files on the source and try again.\n\n * 400 ManagedInstanceLinkIsNotInTheCatchupState - The link with Managed Instance is not in the catchup state after the data copy link operation completed.\n\n * 400 ManagedInstanceLinkSourceDbHasFilestream - Source database on SQL Server must not use FileStream or FileTables for data replication to Azure SQL Managed Instance. Consider removing FileStream and FileTables on the source database on SQL Server and try again.\n\n * 400 ManagedInstanceLinkSourceDbHasDefunctFiles - Source database '{0}' on SQL Server must not contain files in DEFUNCT state for data replication to Azure SQL Managed Instance to work.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -215,7 +215,7 @@ "description": "Successfully deleted distributed availability group." }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 ManagedInstanceSubnetNameIsReservedAndNotAllowed - Managed Instance can not be created with reserved subnet name. The following subnet names are reserved in Azure: AzureFirewallSubnet, AzureFirewallManagementSubnet, AzureBastionSubnet, and GatewaySubnet.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -283,7 +283,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 ManagedInstanceSubnetNameIsReservedAndNotAllowed - Managed Instance can not be created with reserved subnet name. The following subnet names are reserved in Azure: AzureFirewallSubnet, AzureFirewallManagementSubnet, AzureBastionSubnet, and GatewaySubnet.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -360,7 +360,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InvalidDistributedAvailabilityGroupFailoverRequest - Distributed Availability Group Failover request body is empty or invalid.\n\n * 400 InvalidDistributedAvailabilityGroupFailoverInstanceRole - Planned failover can be executed on a link in the primary role only. Current state of the specified link is secondary.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 DistributedAvailabilityGroupFailoverSecondariesNotSynchronizing - Planned failover cannot be executed if secondaries are not synchronizing.\n\n * 409 DistributedAvailabilityGroupFailoverLogSendQueueSizeTooBig - Planned failover cannot be executed if send queue is too large.\n\n * 409 DistributedAvailabilityGroupFailoverRedoQueueSizeTooBig - Planned failover cannot be executed if redo queue is too large on secondary.\n\n * 409 DistributedAvailabilityGroupSetRoleInstanceAlreadyInRequestedRole - User attempted to perform setRole operation while managed instance link is already in requested role.\n\n * 409 DistributedAvailabilityGroupSetRoleChangeRoleAlreadyInProgress - Changing the server role cannot be executed at this time as there exist a previous role change in progress on Azure SQL Managed Instance. Only when the previous role change completes, a new request could be submitted. Please wait for the previous role change to complete and retry again.\n\n * 409 DistributedAvailabilityGroupSetRoleFailed - Setting the role has failed due to an unknown reason. Please check the error log file. If the issue persists, contact Azure support.\n\n * 409 DistributedAvailabilityGroupSetRolePrimaryPlannedNotSupported - User attempted to perform setRole operation to primary in planned fashion and that is not supported.\n\n * 409 DistributedAvailabilityGroupDbEncryptedWithSmk - Managed database cannot be replicated from Managed Instance to SQL Server, as this managed database is encrypted with service managed key. Either decrypt the database on Managed Instance, or switch the encryption service protector to customer-managed (BYOK) and try again.\n\n * 409 DistributedAvailabilityGroupDbCannotBeEncryptedWhenPrimaryInMiLink - Database cannot be encrypted using the service managed key as it is being replicated from Managed Instance to SQL Server. Switch the encryption protector from service managed to customer managed (BYOK) on Managed Instance and ensure the encryption key from Managed Instance is imported on SQL Server.\n\n * 409 DistributedAvailabilityGroupProtectorCannotBeUpdtedToSmk - Switching the encryption protector from customer managed (BYOK) to service managed is not allowed as there exists database replication from Managed Instance to SQL Server supporting customer managed encryption only.\n\n * 409 DistributedAvailabilityGroupMiPrimaryWithGeodr - Database cannot be replicated from Managed Instance to SQL Server as there already exists database geo-replication from this Managed Instance to another Managed Instance using auto-failover groups. Disconnect this Managed Instance from the failover group, and try again.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 InvalidDistributedAvailabilityGroupFailoverRequest - Distributed Availability Group Failover request body is empty or invalid.\n\n * 400 InvalidDistributedAvailabilityGroupFailoverInstanceRole - Planned failover can be executed on a link in the primary role only. Current state of the specified link is secondary.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 ManagedInstanceSubnetNameIsReservedAndNotAllowed - Managed Instance can not be created with reserved subnet name. The following subnet names are reserved in Azure: AzureFirewallSubnet, AzureFirewallManagementSubnet, AzureBastionSubnet, and GatewaySubnet.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 DistributedAvailabilityGroupFailoverSecondariesNotSynchronizing - Planned failover cannot be executed if secondaries are not synchronizing.\n\n * 409 DistributedAvailabilityGroupFailoverLogSendQueueSizeTooBig - Planned failover cannot be executed if send queue is too large.\n\n * 409 DistributedAvailabilityGroupFailoverRedoQueueSizeTooBig - Planned failover cannot be executed if redo queue is too large on secondary.\n\n * 409 DistributedAvailabilityGroupSetRoleInstanceAlreadyInRequestedRole - User attempted to perform setRole operation while managed instance link is already in requested role.\n\n * 409 DistributedAvailabilityGroupSetRoleChangeRoleAlreadyInProgress - Changing the server role cannot be executed at this time as there exist a previous role change in progress on Azure SQL Managed Instance. Only when the previous role change completes, a new request could be submitted. Please wait for the previous role change to complete and retry again.\n\n * 409 DistributedAvailabilityGroupSetRoleFailed - Setting the role has failed due to an unknown reason. Please check the error log file. If the issue persists, contact Azure support.\n\n * 409 DistributedAvailabilityGroupSetRolePrimaryPlannedNotSupported - User attempted to perform setRole operation to primary in planned fashion and that is not supported.\n\n * 409 DistributedAvailabilityGroupDbEncryptedWithSmk - Managed database cannot be replicated from Managed Instance to SQL Server, as this managed database is encrypted with service managed key. Either decrypt the database on Managed Instance, or switch the encryption service protector to customer-managed (BYOK) and try again.\n\n * 409 DistributedAvailabilityGroupDbCannotBeEncryptedWhenPrimaryInMiLink - Database cannot be encrypted using the service managed key as it is being replicated from Managed Instance to SQL Server. Switch the encryption protector from service managed to customer managed (BYOK) on Managed Instance and ensure the encryption key from Managed Instance is imported on SQL Server.\n\n * 409 DistributedAvailabilityGroupProtectorCannotBeUpdtedToSmk - Switching the encryption protector from customer managed (BYOK) to service managed is not allowed as there exists database replication from Managed Instance to SQL Server supporting customer managed encryption only.\n\n * 409 DistributedAvailabilityGroupMiPrimaryWithGeodr - Database cannot be replicated from Managed Instance to SQL Server as there already exists database geo-replication from this Managed Instance to another Managed Instance using auto-failover groups. Disconnect this Managed Instance from the failover group, and try again.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -430,7 +430,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InvalidDistributedAvailabilityGroupFailoverRequest - Distributed Availability Group Failover request body is empty or invalid.\n\n * 400 InvalidDistributedAvailabilityGroupFailoverInstanceRole - Planned failover can be executed on a link in the primary role only. Current state of the specified link is secondary.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 DistributedAvailabilityGroupFailoverSecondariesNotSynchronizing - Planned failover cannot be executed if secondaries are not synchronizing.\n\n * 409 DistributedAvailabilityGroupFailoverLogSendQueueSizeTooBig - Planned failover cannot be executed if send queue is too large.\n\n * 409 DistributedAvailabilityGroupFailoverRedoQueueSizeTooBig - Planned failover cannot be executed if redo queue is too large on secondary.\n\n * 409 DistributedAvailabilityGroupSetRoleInstanceAlreadyInRequestedRole - User attempted to perform setRole operation while managed instance link is already in requested role.\n\n * 409 DistributedAvailabilityGroupSetRoleChangeRoleAlreadyInProgress - Changing the server role cannot be executed at this time as there exist a previous role change in progress on Azure SQL Managed Instance. Only when the previous role change completes, a new request could be submitted. Please wait for the previous role change to complete and retry again.\n\n * 409 DistributedAvailabilityGroupSetRoleFailed - Setting the role has failed due to an unknown reason. Please check the error log file. If the issue persists, contact Azure support.\n\n * 409 DistributedAvailabilityGroupSetRolePrimaryPlannedNotSupported - User attempted to perform setRole operation to primary in planned fashion and that is not supported.\n\n * 409 DistributedAvailabilityGroupDbEncryptedWithSmk - Managed database cannot be replicated from Managed Instance to SQL Server, as this managed database is encrypted with service managed key. Either decrypt the database on Managed Instance, or switch the encryption service protector to customer-managed (BYOK) and try again.\n\n * 409 DistributedAvailabilityGroupDbCannotBeEncryptedWhenPrimaryInMiLink - Database cannot be encrypted using the service managed key as it is being replicated from Managed Instance to SQL Server. Switch the encryption protector from service managed to customer managed (BYOK) on Managed Instance and ensure the encryption key from Managed Instance is imported on SQL Server.\n\n * 409 DistributedAvailabilityGroupProtectorCannotBeUpdtedToSmk - Switching the encryption protector from customer managed (BYOK) to service managed is not allowed as there exists database replication from Managed Instance to SQL Server supporting customer managed encryption only.\n\n * 409 DistributedAvailabilityGroupMiPrimaryWithGeodr - Database cannot be replicated from Managed Instance to SQL Server as there already exists database geo-replication from this Managed Instance to another Managed Instance using auto-failover groups. Disconnect this Managed Instance from the failover group, and try again.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 InvalidDistributedAvailabilityGroupFailoverRequest - Distributed Availability Group Failover request body is empty or invalid.\n\n * 400 InvalidDistributedAvailabilityGroupFailoverInstanceRole - Planned failover can be executed on a link in the primary role only. Current state of the specified link is secondary.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 ManagedInstanceSubnetNameIsReservedAndNotAllowed - Managed Instance can not be created with reserved subnet name. The following subnet names are reserved in Azure: AzureFirewallSubnet, AzureFirewallManagementSubnet, AzureBastionSubnet, and GatewaySubnet.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 DistributedAvailabilityGroupFailoverSecondariesNotSynchronizing - Planned failover cannot be executed if secondaries are not synchronizing.\n\n * 409 DistributedAvailabilityGroupFailoverLogSendQueueSizeTooBig - Planned failover cannot be executed if send queue is too large.\n\n * 409 DistributedAvailabilityGroupFailoverRedoQueueSizeTooBig - Planned failover cannot be executed if redo queue is too large on secondary.\n\n * 409 DistributedAvailabilityGroupSetRoleInstanceAlreadyInRequestedRole - User attempted to perform setRole operation while managed instance link is already in requested role.\n\n * 409 DistributedAvailabilityGroupSetRoleChangeRoleAlreadyInProgress - Changing the server role cannot be executed at this time as there exist a previous role change in progress on Azure SQL Managed Instance. Only when the previous role change completes, a new request could be submitted. Please wait for the previous role change to complete and retry again.\n\n * 409 DistributedAvailabilityGroupSetRoleFailed - Setting the role has failed due to an unknown reason. Please check the error log file. If the issue persists, contact Azure support.\n\n * 409 DistributedAvailabilityGroupSetRolePrimaryPlannedNotSupported - User attempted to perform setRole operation to primary in planned fashion and that is not supported.\n\n * 409 DistributedAvailabilityGroupDbEncryptedWithSmk - Managed database cannot be replicated from Managed Instance to SQL Server, as this managed database is encrypted with service managed key. Either decrypt the database on Managed Instance, or switch the encryption service protector to customer-managed (BYOK) and try again.\n\n * 409 DistributedAvailabilityGroupDbCannotBeEncryptedWhenPrimaryInMiLink - Database cannot be encrypted using the service managed key as it is being replicated from Managed Instance to SQL Server. Switch the encryption protector from service managed to customer managed (BYOK) on Managed Instance and ensure the encryption key from Managed Instance is imported on SQL Server.\n\n * 409 DistributedAvailabilityGroupProtectorCannotBeUpdtedToSmk - Switching the encryption protector from customer managed (BYOK) to service managed is not allowed as there exists database replication from Managed Instance to SQL Server supporting customer managed encryption only.\n\n * 409 DistributedAvailabilityGroupMiPrimaryWithGeodr - Database cannot be replicated from Managed Instance to SQL Server as there already exists database geo-replication from this Managed Instance to another Managed Instance using auto-failover groups. Disconnect this Managed Instance from the failover group, and try again.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ElasticPools.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ElasticPools.json index dd5997111e95..a9c58b57ded2 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ElasticPools.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ElasticPools.json @@ -591,6 +591,11 @@ "name": "AvailabilityZoneType", "modelAsString": true } + }, + "currentSku": { + "$ref": "../../../common/v1/types.json#/definitions/Sku", + "description": "The name and tier of the current SKU.", + "readOnly": true } } }, @@ -688,6 +693,11 @@ "name": "AvailabilityZoneType", "modelAsString": true } + }, + "currentSku": { + "$ref": "../../../common/v1/types.json#/definitions/Sku", + "description": "The name and tier of the current SKU.", + "readOnly": true } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/EncryptionProtectors.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/EncryptionProtectors.json index 7394d82629e8..8d5680a3ffe2 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/EncryptionProtectors.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/EncryptionProtectors.json @@ -170,7 +170,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 InvalidEncryptionProtectorName - The encryption protector key name is not supported.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerKeyNotFound - The requested server key was not found on the current subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 EncryptionProtectorChangeInProgress - Cannot update database encryption key protector while protector change is already in progress\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 InvalidEncryptionProtectorName - The encryption protector key name is not supported.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerKeyNotFound - The requested server key was not found on the current subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 EncryptionProtectorChangeInProgress - Cannot update database encryption key protector while protector change is already in progress\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -238,7 +238,7 @@ "description": "Successfully revalidated the encryption protector." }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 InvalidEncryptionProtectorName - The encryption protector key name is not supported.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerKeyNotFound - The requested server key was not found on the current subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 EncryptionProtectorChangeInProgress - Cannot update database encryption key protector while protector change is already in progress\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 InvalidEncryptionProtectorName - The encryption protector key name is not supported.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerKeyNotFound - The requested server key was not found on the current subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 EncryptionProtectorChangeInProgress - Cannot update database encryption key protector while protector change is already in progress\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/InstanceFailoverGroups.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/InstanceFailoverGroups.json index 58a5356a1514..da81a68c53fc 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/InstanceFailoverGroups.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/InstanceFailoverGroups.json @@ -49,7 +49,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -105,7 +105,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -165,7 +165,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -228,7 +228,7 @@ "description": "Successfully deleted the failover group." }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -293,7 +293,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -355,7 +355,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/Jobs.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/Jobs.json index d11354ce0a0d..e2c72d181859 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/Jobs.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/Jobs.json @@ -315,13 +315,13 @@ "startTime": { "format": "date-time", "description": "Schedule start time.", - "default": "0001-01-01T16:00:00-08:00", + "default": "0001-01-01T05:30:00+05:30", "type": "string" }, "endTime": { "format": "date-time", "description": "Schedule end time.", - "default": "9999-12-31T03:59:59-08:00", + "default": "9999-12-31T17:29:59+05:30", "type": "string" }, "type": { diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabaseMoveOperations.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabaseMoveOperations.json index bd8a2a5ca55a..401727ac0764 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabaseMoveOperations.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabaseMoveOperations.json @@ -62,7 +62,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 SystemDatabaseUnsupportedOperation - Unsupported operation for system database.\n\n * 400 ManagedInstanceDatabaseCopyOrMoveToInstanceWithOlderVersionEdition - Operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 XtpServerStateMismatch - Both source and target servers do not support memory optimized data.\n\n * 400 ManagedInstanceDatabaseLimitExceeded - This operation cannot start because specified target managed instance '{0}' already has maximum number of user databases.\n\n * 400 ManagedDatabaseGPFileSizeLimitExceeded - Creating a copy of a managed database on different SQL Managed Instance with General Purpose service tier would violate data file size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 ManagedInstanceGPStorageAccountLimitExceeded - Creating a copy of a database on different SQL Managed Instance with General Purpose service tier would violate storage account size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 TargetInsufficientStorage - Attempt to move/restore/copy database on the destination instance with insufficient space.\n\n * 400 BrokenConnectivityBetweenInstances - Database '{0}' operation failed because there is no network connectivity between source instance '{1}' and target instance '{2}'.\n\n * 400 SubnetOverlapBetweenInstances - Database '{0}' operation failed because there is no connectivity between source and target Azure SQL Managed Instance. This is because the target instance subnet has an overlapping address range with the subnet of the source instance.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 CrossTenantOperationNotSupported - Cross tenant operation is not supported.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 CrossResourceOperationNotSupported - Cross resource operation is not supported.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 ManagedDatabaseMoveOperationResultsInvalidODataQuery - The specified OData query is either not valid or not supported\n\n * 404 ResourceNotFound - Invalid request specifying a non-existent resource.\n\n * 404 CrossManagedInstanceDatabaseMovementNotExist - Database movement does not exist.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 SystemDatabaseUnsupportedOperation - Unsupported operation for system database.\n\n * 400 ManagedInstanceDatabaseCopyOrMoveToInstanceWithOlderVersionEdition - Operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 XtpServerStateMismatch - Both source and target servers do not support memory optimized data.\n\n * 400 ManagedInstanceDatabaseLimitExceeded - This operation cannot start because specified target managed instance '{0}' already has maximum number of user databases.\n\n * 400 ManagedDatabaseGPFileSizeLimitExceeded - Creating a copy of a managed database on different SQL Managed Instance with General Purpose service tier would violate data file size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 ManagedInstanceGPStorageAccountLimitExceeded - Creating a copy of a database on different SQL Managed Instance with General Purpose service tier would violate storage account size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 TargetInsufficientStorage - Attempt to move/restore/copy database on the destination instance with insufficient space.\n\n * 400 BrokenConnectivityBetweenInstances - Database '{0}' operation failed because there is no network connectivity between source instance '{1}' and target instance '{2}'.\n\n * 400 SubnetOverlapBetweenInstances - Database '{0}' operation failed because there is no connectivity between source and target Azure SQL Managed Instance. This is because the target instance subnet has an overlapping address range with the subnet of the source instance.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 CrossTenantOperationNotSupported - Cross tenant operation is not supported.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 CrossResourceOperationNotSupported - Cross resource operation is not supported.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 ManagedDatabaseMoveOperationResultsInvalidODataQuery - The specified OData query is either not valid or not supported\n\n * 404 ResourceNotFound - Invalid request specifying a non-existent resource.\n\n * 404 CrossManagedInstanceDatabaseMovementNotExist - Database movement does not exist.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -124,7 +124,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 SystemDatabaseUnsupportedOperation - Unsupported operation for system database.\n\n * 400 ManagedInstanceDatabaseCopyOrMoveToInstanceWithOlderVersionEdition - Operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 XtpServerStateMismatch - Both source and target servers do not support memory optimized data.\n\n * 400 ManagedInstanceDatabaseLimitExceeded - This operation cannot start because specified target managed instance '{0}' already has maximum number of user databases.\n\n * 400 ManagedDatabaseGPFileSizeLimitExceeded - Creating a copy of a managed database on different SQL Managed Instance with General Purpose service tier would violate data file size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 ManagedInstanceGPStorageAccountLimitExceeded - Creating a copy of a database on different SQL Managed Instance with General Purpose service tier would violate storage account size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 TargetInsufficientStorage - Attempt to move/restore/copy database on the destination instance with insufficient space.\n\n * 400 BrokenConnectivityBetweenInstances - Database '{0}' operation failed because there is no network connectivity between source instance '{1}' and target instance '{2}'.\n\n * 400 SubnetOverlapBetweenInstances - Database '{0}' operation failed because there is no connectivity between source and target Azure SQL Managed Instance. This is because the target instance subnet has an overlapping address range with the subnet of the source instance.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 CrossTenantOperationNotSupported - Cross tenant operation is not supported.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 CrossResourceOperationNotSupported - Cross resource operation is not supported.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 ElasticPoolOverStorageUsage - Attempting to write data to a database when the storage limit of the elastic pool has been reached.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 SourceDatabaseEncryptionProtectorKeyUriRequiredForPerDatabaseCMKCopyOrReplication - Geo secondary database missing AKV of geo primary database\n\n * 400 LtrPoolRestoreNoTargetSlo - Unable to determine target service level objective. If restoring from a long-term retention backup of a database that was in an elastic pool, either target elastic pool name or target service level objective must be supplied. If the source database was dropped, use Azure Powershell to specify the target service level objective.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 CannotMoveOrDropJobAccountDatabase - Cannot drop database associated with job account.\n\n * 400 JobAgentDatabaseEditionUnsupported - The specified database's service level objective is not supported for use as a job agent database.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 InvalidMaxSizeTierCombination - The specified tier does not support the specified database max size.\n\n * 400 InvalidTier - The user specified an invalid tier.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 CannotUpdateIsLedgerDatabase - The ledger property of an existing database cannot be updated.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 ChangeUnsupportedOnEntity - User attempted an unsupported create/update/delete operation on a given entity.\n\n * 400 UpdateNotAllowedInCurrentReplicationState - The operation is disallowed on the database in its current replication state.\n\n * 400 GeoReplicaLimitReached - The per-replica replication limit was reached.\n\n * 400 ReplicationSourceAndTargetMustHaveSameName - The replication source and target databases must have the same name.\n\n * 400 ReplicationSourceAndTargetMustBeInDifferentServers - The replication source and target databases must be in different logical servers.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 InvalidDatabaseCreateMode - Invalid request to create a database.\n\n * 400 TierChangeUnsupportedDueToMemoryOptimizedObject - The database cannot update its sku because it has memory-optimized objects.\n\n * 400 PartnerDBNotCompatibleForSGXEnclave - Attempt to set GeoDR link or update SLO for enclave enabled database is only supported when both database are running on DC-series hardware.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 TierChangeUnsupportedDueToCDCEnabledDatabase - The database cannot update its sku because it is enabled for CDC.\n\n * 400 IsLedgerDatabaseIsNotSupportedOnResourceType - Changing the ledger property is not supported for this resource type.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 InvalidTierSkuCombination - The specified tier does not support the specified sku.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 OfferDisabledOnSubscription - Subscription offer type is restricted from provisioning the requested resource.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PartnerServerNotCompatible - The user is attempting to copy a database from a SAWA V1 server to a Sterling server or vice versa.\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 UnableToCreateGeoChain - User attempted to create secondary database (chaining) even though automatic upload of ledger digests has been configured\n\n * 400 TargetElasticPoolDoesNotExist - The elastic pool does not exist on a server.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 ElasticPoolSkuCombinationInvalid - Elastic pool and sku can be specified together only if sku is specified as 'ElasticPool'.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 ElasticPoolTierCombinationInvalid - The database tier is different than the elastic pool service tier.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 ElasticPoolNameRequired - User tried to create or update database to elastic pool service objective without specifying the name of the elastic pool.\n\n * 400 InvalidReadScaleEdition - User attempted to enable read scale on a database type that does not support it.\n\n * 400 InvalidReadScaleUnits - User attempted to provide a read scale value that is not supported.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 GeoSecondaryMaxSizeUpdateFailed - The geo-secondary database is of a SLO that does not support the requested maxsize value or the geo-secondary is in an unsupported region or an update operation is already in progress on the geo-secondary database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 ElasticPoolInconsistentDtuGuaranteeSettings - Attempting to provide DTU min for databases in the elastic pool that exceeds requested DTUs of the elastic pool.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 ElasticPoolDatabaseCountOverLimit - Attempting to create or add database to elastic pool when the database count limit of the elastic pool has been reached.\n\n * 400 RequestedDatabaseSizeRequiresShrink - User attempted to ALTER DATABASE MODIFY MAXSIZE to modify the MAXSIZE for a database to a smaller size then the current size.\n\n * 400 CannotChangeToOrFromDataWarehouseTier - User attempted to change the sku of a database from DataWarehouse tier to non DataWarehouse tiers or vice versa.\n\n * 400 CurrentDatabaseSizeExceedsDbMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 ElasticPoolDecreaseStorageLimitBelowUsage - Attempting to decrease the storage limit of the elastic pool below its storage usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 UpdateNotAllowedOnPausedDatabase - User attempted to perform an update on a paused database.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 DatabaseNameInUse - Database already exists. Choose a different database name.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SourceDatabaseEditionCouldNotBeUpgraded - The source database cannot have higher edition than the target database.\n\n * 400 TargetDatabaseEditionCouldNotBeDowngraded - The target database cannot have lower edition than the source database.\n\n * 400 UpdateNotAllowedIfGeoDrOperationInProgress - The operation is disallowed because copy or failover operation for database '{0}' on server '{1}' is currently in progress.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 ElasticPoolOverFileSpace - Insufficient file space in the elastic pool.\n\n * 400 InvalidLicenseType - User tried to create or update a database or elastic pool with unsupported license type.\n\n * 400 UnsupportedCapacity - User tried to create or update database with capacity which is not supported.\n\n * 400 RestoreToFreeEditionNotSupported - Restore and GeoRestore target cannot be free database.\n\n * 400 RestoreNotSupportedForFreeEdition - Restore and GeoRestore are not supported for free database.\n\n * 400 InvalidDroppedDatabase - Source database dropped does not exist on server within the supported recovery period.\n\n * 400 InvalidLiveDatabase - Source database does not exist on server within the supported recovery period. If restoring a dropped database, please specify its deletion date.\n\n * 400 InvalidVldbRecoverySlo - The Hyperscale edition recovery requires both source and target databases to use Hyperscale service level objective.\n\n * 400 CannotUpdateToFreeDatabase - Updating a database to the free sku is not supported.\n\n * 400 InvalidVldbRestoreSlo - The Hyperscale edition Point-In-Time restore requires both source and target databases to use Hyperscale service level objective.\n\n * 400 CannotSpecifyPoolOrSlo - Specifying an elastic pool and/or changing the service level objective or edition is not supported for edition.\n\n * 400 InvalidBackupStorageAccountType - User passed zrs/lrs during create/update of a database but it failed either because the customer is not whitelisted or because zrs is not available in the specified region.\n\n * 400 DatabaseInvalidSkuPropertyCombination - The properties of the requested sku are inconsistent. Please check that a valid combination is specified. See https://docs.microsoft.com/en-us/rest/api/sql/capabilities/listbylocation#serviceobjectivecapability for more details.\n\n * 400 DatabaseNamedReplicaPerDatabaseLimitExceeded - User tried create a named replica that would exceed the allowed number per primary database\n\n * 400 UnsupportedBackupStorageRedundancyForEdition - The requested backup storage redundancy is not supported for edition\n\n * 400 DatabaseIsCurrentlyPinned - Microsoft has pinned your database SQL Server engine version. To ensure your database does not hit production issues, any future scale operations on your database will be blocked until it has been un-pinned. Please contact Microsoft support for assistance with scaling.\n\n * 400 RestoreTargetEditionSizeInsufficient - User attempted to restore a database to an edition that is a smaller size than the current allocated size of the source.\n\n * 400 DatabaseCreationBlockedForNonActivatedCMKServer - SQL Pool creations are blocked for CMK enabled workspaces until the workspace is activated. First, enable purge protection and grant the workspace Managed Identity the required permissions (Get, Wrap Key, Unwrap Key) on the Azure Key Vault of the workspace key. Next, activate your workspace after you have granted access.\n\n * 400 InvalidIdentityId - One or more identity id(s) provided are not valid ARM resource id(s). Please input valid id(s) and try again.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 InvalidNumberOfIdentities - Only one user assigned managed identity is supported at the Database Level.\n\n * 400 NoRestorePointAvailable - The source database has not yet accomplished its first backup in order to support restore operations. Please retry the restore request later.\n\n * 400 DatabaseNamedReplicaChainingNotAllowed - User tried to create a named replica of a named replica which is not allowed.\n\n * 400 DatabaseNamedReplicaInvalidOperation - User attempted an unsupported operation on a named replica.\n\n * 400 DatabaseNamedReplicaInvalidSourceDatabase - User attempted to create a named replica in a different subscription or region than the source database.\n\n * 400 DatabaseNamedReplicaSourceDatabaseNotZoneRedundant - Zone Redundancy cannot be enabled on this Named Replica since the primary Hyperscale Database is not zone redundant.\n\n * 400 CannotAssignIdentityToMaster - Cannot assign an identity to a system database. Database identity cannot be assigned to 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 CrossTierDatabaseOperationNotSupported - Operation not supported.\n\n * 400 MissingThumbprintCrm - The restore operation of a CRM database failed because a required TDE certificate was missing. Please retry the restore operation to an existing elastic pool.\n\n * 400 ElasticPoolOverStorage - Attempting to write data to a database when the storage limit of the elastic pool has been reached.\n\n * 400 RestoreTargetEditionSizeInsufficientV2 - User attempted to restore a database to an edition that is a smaller size than the allocated size of the restored database.\n\n * 400 ResourcePoolStorageLimitHitDuringRestore - The restored database can't be restored into the resource pool due to the remaining storage capacity in the pool.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 PerDatabaseCMKGeoReplicationNotSupported - Geo Replication and Database Copy is not supported when Database-level CMK is configured in preview.\n\n * 400 InvalidStandbyGeoEdition - User attempted to create a DTU based standby geo.\n\n * 400 ElasticPoolInconsistentVcoreGuaranteeSettings - The number of databases and VCore min per database cannot exceed requested VCores of the elastic pool.\n\n * 400 GeoRestoreBackupStorageTypeNotSupported - Database recovery requests are invalid when issued against a database that is not configured to use geo-redundant backup storage.\n\n * 400 RestoreHyperscaleToNonHyperscale - Restoring a Hyperscale database backup to a non-Hyperscale service tier or vice versa is not supported.\n\n * 400 SubscriptionDoesNotHaveAccessToServer - The subscription does not have access to the specified server(s)\n\n * 400 RecoveryPointDoesNotExist - The specified recovery point either does not exist or is not valid.\n\n * 400 LtrBackupNotFound - The specified long term retention backup does not exist.\n\n * 400 InvalidPointInTime - The specified point in time is not valid for the database.\n\n * 400 GeoRestoreCannotResolveTargetCluster - Cannot resolve target cluster for server\n\n * 400 CannotSpecifyEditionOrSloWhenRestoringToPool - Specifying the target service level objective or edition is not supported when restoring to an elastic pool.\n\n * 400 RestoreNotSupportedForGeoDrSecondary - Point-in-time restore and database recovery operations are not supported on databases that are currently configured as geo-secondaries.\n\n * 400 DatabaseNamedReplicaBackupRetentionConfigurationNotSupported - User attempted configuring backup retention policy on a Named Replica.\n\n * 400 GeoRedundantBackupsNotPermittedForSubscription - Geo-redundant backup storage is blocked for all databases under subscription '{0}' by preview feature 'Azure SQL Database Block Geo-redundant Backup Storage'. Please select a different backup storage redundancy.\n\n * 400 RestoreHyperscaleToNonHyperscaleElasticPool - Restoring a Hyperscale database to an elastic pool which is not Hyperscale or restoring a database which is not Hyperscale to a Hyperscale elastic pool is not supported.\n\n * 400 RestoreIneligibleDatabaseName - The specified target database name, '{0}', is reserved and cannot be used in a restore operation.\n\n * 400 RestoreNotSupportedForSystemDb - Restore and database recovery are not supported for system databases.\n\n * 400 RestoreIneligibleDroppedDatabaseShortLifespan - The source database, '{0}', dropped on '{1}', has not existed long enough to support restores.\n\n * 400 RestoreIneligibleLiveDatabaseShortLifespan - The source database, '{0}', has not yet accomplished its first backup in order to support restore operations. Please wait until at least the indicated earliest restore date '{1}' and resubmit the request.\n\n * 400 RestoreCrossServerDisabled - For point-in-time restores, the target logical server must be the same as the source logical server. Consider restoring to the source database's server, or using database copy or database recovery.\n\n * 400 RestoreSameServerRecoveryDisabled - Same-server recovery is currently not supported. Consider using point-in-time restore or recovering to a different server.\n\n * 400 RestoreNotSupportedFromLtrBackupToEdition - Restore from long-term retention backup to '{0}' edition not supported.\n\n * 400 RestoreNotSupportedFromExternalBackupToEdition - Restore from external backup to '{0}' edition not supported.\n\n * 400 UpdateToServerlessIfLtrIsNotDisabled - Enabling auto-pause for a serverless database is not supported if long-term backup retention is enabled.\n\n * 400 DuplicateRestoreOperation - A restore request with the same target database name '{0}' on server '{1}' already exists.\n\n * 400 ExternalBackupUriMalformed - The external backup storage container URI is malformed.\n\n * 400 ExternalBackupUriHostNotAllowed - The host name for the external backup storage container URI is not allowed.\n\n * 400 ExternalBackupUriInvalidSchemeOrPort - The external backup storage container URI uses an invalid scheme or port. Please use https and port 443.\n\n * 400 ExternalBackupVldbUnsupported - Hyperscale does not support external backup restore requests.\n\n * 400 CannotMoveOrDropSyncMetadataDatabase - Cannot drop database used as sync metadata database.\n\n * 400 InvalidPitrPriorToVldbMigration - For database '{0}', specified point-in-time '{1}' is prior to the Hyperscale migration time of '{2}'. Please specify a target edition or service level objective which is not Hyperscale when restoring to a point earlier than the Hyperscale migration.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 BlockRestoreOnVldbGeoSecondary - Restore of Hyperscale database where source database is geo-secondary is not allowed.\n\n * 400 BackupSetNotFound - No backups were found to restore the database. Please contact support to restore the database.\n\n * 400 IncorrectAccessToAzureKeyVault - Target server does not have access to all AKV Uris created during the backup time.\n\n * 400 RestoreFailureSqlInstanceUnhealthy - Unable to connect to the instance in order to perform restore operation.\n\n * 400 BackupSetBroken - Backup set is broken.\n\n * 400 TimeoutDuringRestore - A timeout was encountered while trying to connect to the restore target.\n\n * 400 BrokenRestorePlanGapInLogBackups - The restore plan is broken because firstLsn of current log backup is not equal to lastLsn of prev log backup.\n\n * 400 FullBackupMissingChecksum - Provided full backup is missing checksum.\n\n * 400 RequiredBackupIsNotLastRestored - Migration cannot be completed because provided backup file name is not the name of the last backup file that is restored.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineDataFilesExist - Database backup contains incompatible physical layout. Non-online data files exist.\n\n * 400 IncompatiblePhysicalLayoutWrongNumberOfLogFiles - Database backup contains incompatible physical layout. Multiple log files are not supported.\n\n * 400 BackupSetNotFoundRecentPit - No backups were found to restore the database to the specified point in time. Please retry the operation. If the problem persists, contact support to restore the database.\n\n * 400 InvalidPublicMaintenanceConfiguration - User tried to specify public maintenance configuration which cannot be converted to internal id (malformed or wrong region).\n\n * 400 MaintenanceWindowNotSupportedForNamedReplica - User tried to create or update named replica with non-default maintenance window which is not supported.\n\n * 400 InvalidStandbyGeoReadScale - User attempted to enable read scale on a standby geo database that does not support it.\n\n * 400 PerDatabaseCMKKeyRotationAttemptedWhileOldThumbprintInUse - Key Rotation for the TDE Protector at the database level is blocked when active transactions are holding up the log encrypted with old keys. Please refer to aka.ms/azuresqldbkeyrotation for possible strategies to workaround this issue.\n\n * 400 PerDBCMKNotSupportedWithLTR - Database-level CMK is not supported when Long-term Backup Retention is enabled on the database.\n\n * 400 VBSEnclaveNotSupportedForDW - The preferredEnclaveType is not supported for dedicated SQL Pools.\n\n * 400 VBSEnclaveNotSupportedForDCSeriesSLO - Configuring the 'VBS' preferredEnclaveType for databases using the DC-series hardware configuration is not supported. DC-series databases are pre-configured with Intel SGX enclaves. Virtualization based security (VBS) enclaves are not supported.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutDatabaseLevelEncryptionProtector - Database-level encryption protector must be set on the target database while attempting to copy or replicate a database encrypted with a database level key.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 PerDatabaseCMKGeoPrimaryIsNotConfiguredWithDatabaseLevelEncryptionProtector - The geo-primary database must be configured with a database level encryption protector before setting a database level encryption protector on the geo-secondary.\n\n * 400 ElasticJobsNotSupportedOnAutoPauseEnabledDatabase - Auto-pause enabled serverless database is not supported as an Elastic Jobs database because job agent would prevent that database from pausing. You can either disable auto-pause on this serverless database or delete the job agent that is using this database. See here for more details: https://docs.microsoft.com/azure/azure-sql/database/serverless-tier-overview#auto-pausing\n\n * 400 VBSEnclaveNotSupportedForGeoReplicationWithDefaultEnclave - Configuring geo-replication is not supported for databases using different values of the preferredEnclaveType property. The primary '{0}' database on the '{1}' server uses the '{2}' preferredEnclaveType, whereas the specified preferredEnclaveType for the secondary '{3}' database on the '{4}' server is '{5}'.\n\n * 400 VBSEnclaveNotSupportedForPlannedFailoverBetweenDatabasesWithDifferentPreferredEnclaveTypes - Planned failover between primary and secondary database with different preferredEnclaveType is not supported for Virtualization-based security (VBS) enclaves.\n\n * 400 PerDatabaseCMKGeoPrimaryIsConfiguredWithDatabaseLevelEncryptionProtector - The geo-primary database must not be configured with a database level encryption protector when failing over to a geo-secondary without a database level encryption protector.\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 VBSEnclaveResourcePoolInvalidCombination - Adding a database with '{0}' preferredEnclaveType to an elastic pool '{1}' with '{2}' preferredEnclaveType is not supported. \nBefore adding the database to the elastic pool, ensure that the preferredEnclaveType is the same for both the database and the elastic pool. More information can be found on https://aka.ms/AlwaysEncryptedEnableSecureEnclaves\n\n * 400 MissingAsymmetricKeyOnTargetServer - Target server does not have access to an asymmetric key.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 MultipleDroppedDatabasesWithTheSameName - Found multiple dropped databases with the same name on server.\n\n * 400 AzureKeyVaultClientError - The Azure Key Vault client encountered an error.\n\n * 400 AzureKeyVaultClientInfoError - An error occurred while obtaining information for the Azure Key Vault client.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 UnsupportedBackupStorageRedundancy - Specified Backup Storage Redundancy is not supported in target region.\n\n * 400 LTRSterlingToVldbMigrationNotSupported - Cannot change service objective for database to Hyperscale as long-term retention is not yet supported on Hyperscale. Please disable long-term retention on the database and retry.\n\n * 400 HyperscaleReverseMigrationNotSupported - Reverse migration of a Hyperscale database to Sterling hit an unsupported scenario.\n\n * 400 UpdateSloOperationIdDoesNotExist - The action failed because no active update-slo operation detected for server: {0}, database: {1};. Please retry the operation by specifying valid parameters.\n\n * 400 ManualCutoverUnsupported - Invalid use of manual-cutover option. Please check current and requested service objective and retry the operation by specifying valid parameters.\n\n * 404 ResourceNotFound - Invalid request specifying a non-existent resource.\n\n * 404 CrossManagedInstanceDatabaseMovementNotExist - Database movement does not exist.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 409 DedicatedSqlPoolCreationBlockedForServerInNsp - Create and restore operations for SQL dedicated pools (formerly SQL DW) are not supported on servers within a network security perimeter. For more information, see https://go.microsoft.com/fwlink/?linkid=2324168.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidOperationForDatabaseInReplicationRelationship - A replication seeding operation was performed on a database that is already in a replication relationship.\n\n * 409 FreeDbAlreadyExists - Only one free database can exist for a subscription per region.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 SkuAssignmentInProgress - The current assignment request cannot be processed because a previous request has not completed.\n\n * 409 CurrentMemoryUsageExceedsSkuQuota - User attempted an sku update operation that cannot be completed due to the higher resource consumption.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 ServerDtuQuotaExceeded - Could not perform the operation because server would exceed the allowed Database Throughput Unit quota.\n\n * 409 UpdateSloFailedDatabaseTooBusy - Update SLO operation could not complete because database was too busy.\n\n * 409 UnableToAlterDatabaseInReplication - User altered edition on a database in a replication relationship.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 ElasticPoolBusy - A management operation was attempted on an elastic pool which is busy.\n\n * 409 SimultaneousSkuChangeNotAllowed - Service objective change operations cannot run on both databases of a replication relationship at the same time.\n\n * 409 TargetElasticPoolBeingUpdated - The update of elastic pool cannot be started because there is copy operation in progress for one of the databases in this elastic pool\n\n * 409 DatabaseCopyLimitPerReplicaReached - User reached the limit of concurrent database copies.\n\n * 409 ConflictRequestToUpdateBackupRedundancy - A conflict request to change backup storage redundancy is still in progress.\n\n * 409 DatabaseElasticPoolMaintenanceConflict - User tried to create or update a database with a specified maintenance configuration that conflicted with that of the elastic pool of the database.\n\n * 409 SubscriptionVcoreQuotaExceeded - Could not perform the operation because subscription would exceed the allowed vCore quota.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 SystemDatabaseUnsupportedOperation - Unsupported operation for system database.\n\n * 400 ManagedInstanceDatabaseCopyOrMoveToInstanceWithOlderVersionEdition - Operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 XtpServerStateMismatch - Both source and target servers do not support memory optimized data.\n\n * 400 ManagedInstanceDatabaseLimitExceeded - This operation cannot start because specified target managed instance '{0}' already has maximum number of user databases.\n\n * 400 ManagedDatabaseGPFileSizeLimitExceeded - Creating a copy of a managed database on different SQL Managed Instance with General Purpose service tier would violate data file size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 ManagedInstanceGPStorageAccountLimitExceeded - Creating a copy of a database on different SQL Managed Instance with General Purpose service tier would violate storage account size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 TargetInsufficientStorage - Attempt to move/restore/copy database on the destination instance with insufficient space.\n\n * 400 BrokenConnectivityBetweenInstances - Database '{0}' operation failed because there is no network connectivity between source instance '{1}' and target instance '{2}'.\n\n * 400 SubnetOverlapBetweenInstances - Database '{0}' operation failed because there is no connectivity between source and target Azure SQL Managed Instance. This is because the target instance subnet has an overlapping address range with the subnet of the source instance.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 CrossTenantOperationNotSupported - Cross tenant operation is not supported.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 CrossResourceOperationNotSupported - Cross resource operation is not supported.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 ElasticPoolOverStorageUsage - Attempting to write data to a database when the storage limit of the elastic pool has been reached.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 SourceDatabaseEncryptionProtectorKeyUriRequiredForPerDatabaseCMKCopyOrReplication - Geo secondary database missing AKV of geo primary database\n\n * 400 LtrPoolRestoreNoTargetSlo - Unable to determine target service level objective. If restoring from a long-term retention backup of a database that was in an elastic pool, either target elastic pool name or target service level objective must be supplied. If the source database was dropped, use Azure Powershell to specify the target service level objective.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 CannotMoveOrDropJobAccountDatabase - Cannot drop database associated with job account.\n\n * 400 JobAgentDatabaseEditionUnsupported - The specified database's service level objective is not supported for use as a job agent database.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 InvalidMaxSizeTierCombination - The specified tier does not support the specified database max size.\n\n * 400 InvalidTier - The user specified an invalid tier.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 CannotUpdateIsLedgerDatabase - The ledger property of an existing database cannot be updated.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 ChangeUnsupportedOnEntity - User attempted an unsupported create/update/delete operation on a given entity.\n\n * 400 UpdateNotAllowedInCurrentReplicationState - The operation is disallowed on the database in its current replication state.\n\n * 400 GeoReplicaLimitReached - The per-replica replication limit was reached.\n\n * 400 ReplicationSourceAndTargetMustHaveSameName - The replication source and target databases must have the same name.\n\n * 400 ReplicationSourceAndTargetMustBeInDifferentServers - The replication source and target databases must be in different logical servers.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 InvalidDatabaseCreateMode - Invalid request to create a database.\n\n * 400 TierChangeUnsupportedDueToMemoryOptimizedObject - The database cannot update its sku because it has memory-optimized objects.\n\n * 400 PartnerDBNotCompatibleForSGXEnclave - Attempt to set GeoDR link or update SLO for enclave enabled database is only supported when both database are running on DC-series hardware.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 TierChangeUnsupportedDueToCDCEnabledDatabase - The database cannot update its sku because it is enabled for CDC.\n\n * 400 IsLedgerDatabaseIsNotSupportedOnResourceType - Changing the ledger property is not supported for this resource type.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 InvalidTierSkuCombination - The specified tier does not support the specified sku.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 OfferDisabledOnSubscription - Subscription offer type is restricted from provisioning the requested resource.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PartnerServerNotCompatible - The user is attempting to copy a database from a SAWA V1 server to a Sterling server or vice versa.\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 UnableToCreateGeoChain - User attempted to create secondary database (chaining) even though automatic upload of ledger digests has been configured\n\n * 400 TargetElasticPoolDoesNotExist - The elastic pool does not exist on a server.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 ElasticPoolSkuCombinationInvalid - Elastic pool and sku can be specified together only if sku is specified as 'ElasticPool'.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 ElasticPoolTierCombinationInvalid - The database tier is different than the elastic pool service tier.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 ElasticPoolNameRequired - User tried to create or update database to elastic pool service objective without specifying the name of the elastic pool.\n\n * 400 InvalidReadScaleEdition - User attempted to enable read scale on a database type that does not support it.\n\n * 400 InvalidReadScaleUnits - User attempted to provide a read scale value that is not supported.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 GeoSecondaryMaxSizeUpdateFailed - The geo-secondary database is of a SLO that does not support the requested maxsize value or the geo-secondary is in an unsupported region or an update operation is already in progress on the geo-secondary database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 ElasticPoolInconsistentDtuGuaranteeSettings - Attempting to provide DTU min for databases in the elastic pool that exceeds requested DTUs of the elastic pool.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 ElasticPoolDatabaseCountOverLimit - Attempting to create or add database to elastic pool when the database count limit of the elastic pool has been reached.\n\n * 400 RequestedDatabaseSizeRequiresShrink - User attempted to ALTER DATABASE MODIFY MAXSIZE to modify the MAXSIZE for a database to a smaller size then the current size.\n\n * 400 CannotChangeToOrFromDataWarehouseTier - User attempted to change the sku of a database from DataWarehouse tier to non DataWarehouse tiers or vice versa.\n\n * 400 CurrentDatabaseSizeExceedsDbMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 ElasticPoolDecreaseStorageLimitBelowUsage - Attempting to decrease the storage limit of the elastic pool below its storage usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 UpdateNotAllowedOnPausedDatabase - User attempted to perform an update on a paused database.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 DatabaseNameInUse - Database already exists. Choose a different database name.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SourceDatabaseEditionCouldNotBeUpgraded - The source database cannot have higher edition than the target database.\n\n * 400 TargetDatabaseEditionCouldNotBeDowngraded - The target database cannot have lower edition than the source database.\n\n * 400 UpdateNotAllowedIfGeoDrOperationInProgress - The operation is disallowed because copy or failover operation for database '{0}' on server '{1}' is currently in progress.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 ElasticPoolOverFileSpace - Insufficient file space in the elastic pool.\n\n * 400 InvalidLicenseType - User tried to create or update a database or elastic pool with unsupported license type.\n\n * 400 UnsupportedCapacity - User tried to create or update database with capacity which is not supported.\n\n * 400 RestoreToFreeEditionNotSupported - Restore and GeoRestore target cannot be free database.\n\n * 400 RestoreNotSupportedForFreeEdition - Restore and GeoRestore are not supported for free database.\n\n * 400 InvalidDroppedDatabase - Source database dropped does not exist on server within the supported recovery period.\n\n * 400 InvalidLiveDatabase - Source database does not exist on server within the supported recovery period. If restoring a dropped database, please specify its deletion date.\n\n * 400 InvalidVldbRecoverySlo - The Hyperscale edition recovery requires both source and target databases to use Hyperscale service level objective.\n\n * 400 CannotUpdateToFreeDatabase - Updating a database to the free sku is not supported.\n\n * 400 InvalidVldbRestoreSlo - The Hyperscale edition Point-In-Time restore requires both source and target databases to use Hyperscale service level objective.\n\n * 400 CannotSpecifyPoolOrSlo - Specifying an elastic pool and/or changing the service level objective or edition is not supported for edition.\n\n * 400 InvalidBackupStorageAccountType - User passed zrs/lrs during create/update of a database but it failed either because the customer is not whitelisted or because zrs is not available in the specified region.\n\n * 400 DatabaseInvalidSkuPropertyCombination - The properties of the requested sku are inconsistent. Please check that a valid combination is specified. See https://docs.microsoft.com/en-us/rest/api/sql/capabilities/listbylocation#serviceobjectivecapability for more details.\n\n * 400 DatabaseNamedReplicaPerDatabaseLimitExceeded - User tried create a named replica that would exceed the allowed number per primary database\n\n * 400 UnsupportedBackupStorageRedundancyForEdition - The requested backup storage redundancy is not supported for edition\n\n * 400 DatabaseIsCurrentlyPinned - Microsoft has pinned your database SQL Server engine version. To ensure your database does not hit production issues, any future scale operations on your database will be blocked until it has been un-pinned. Please contact Microsoft support for assistance with scaling.\n\n * 400 RestoreTargetEditionSizeInsufficient - User attempted to restore a database to an edition that is a smaller size than the current allocated size of the source.\n\n * 400 DatabaseCreationBlockedForNonActivatedCMKServer - SQL Pool creations are blocked for CMK enabled workspaces until the workspace is activated. First, enable purge protection and grant the workspace Managed Identity the required permissions (Get, Wrap Key, Unwrap Key) on the Azure Key Vault of the workspace key. Next, activate your workspace after you have granted access.\n\n * 400 InvalidIdentityId - One or more identity id(s) provided are not valid ARM resource id(s). Please input valid id(s) and try again.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 InvalidNumberOfIdentities - Only one user assigned managed identity is supported at the Database Level.\n\n * 400 NoRestorePointAvailable - The source database has not yet accomplished its first backup in order to support restore operations. Please retry the restore request later.\n\n * 400 DatabaseNamedReplicaChainingNotAllowed - User tried to create a named replica of a named replica which is not allowed.\n\n * 400 DatabaseNamedReplicaInvalidOperation - User attempted an unsupported operation on a named replica.\n\n * 400 DatabaseNamedReplicaInvalidSourceDatabase - User attempted to create a named replica in a different subscription or region than the source database.\n\n * 400 DatabaseNamedReplicaSourceDatabaseNotZoneRedundant - Zone Redundancy cannot be enabled on this Named Replica since the primary Hyperscale Database is not zone redundant.\n\n * 400 CannotAssignIdentityToMaster - Cannot assign an identity to a system database. Database identity cannot be assigned to 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 CrossTierDatabaseOperationNotSupported - Operation not supported.\n\n * 400 MissingThumbprintCrm - The restore operation of a CRM database failed because a required TDE certificate was missing. Please retry the restore operation to an existing elastic pool.\n\n * 400 ElasticPoolOverStorage - Attempting to write data to a database when the storage limit of the elastic pool has been reached.\n\n * 400 RestoreTargetEditionSizeInsufficientV2 - User attempted to restore a database to an edition that is a smaller size than the allocated size of the restored database.\n\n * 400 ResourcePoolStorageLimitHitDuringRestore - The restored database can't be restored into the resource pool due to the remaining storage capacity in the pool.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 PerDatabaseCMKGeoReplicationNotSupported - Geo Replication and Database Copy is not supported when Database-level CMK is configured in preview.\n\n * 400 InvalidStandbyGeoEdition - User attempted to create a DTU based standby geo.\n\n * 400 ElasticPoolInconsistentVcoreGuaranteeSettings - The number of databases and VCore min per database cannot exceed requested VCores of the elastic pool.\n\n * 400 GeoRestoreBackupStorageTypeNotSupported - Database recovery requests are invalid when issued against a database that is not configured to use geo-redundant backup storage.\n\n * 400 RestoreHyperscaleToNonHyperscale - Restoring a Hyperscale database backup to a non-Hyperscale service tier or vice versa is not supported.\n\n * 400 SubscriptionDoesNotHaveAccessToServer - The subscription does not have access to the specified server(s)\n\n * 400 RecoveryPointDoesNotExist - The specified recovery point either does not exist or is not valid.\n\n * 400 LtrBackupNotFound - The specified long term retention backup does not exist.\n\n * 400 InvalidPointInTime - The specified point in time is not valid for the database.\n\n * 400 GeoRestoreCannotResolveTargetCluster - Cannot resolve target cluster for server\n\n * 400 CannotSpecifyEditionOrSloWhenRestoringToPool - Specifying the target service level objective or edition is not supported when restoring to an elastic pool.\n\n * 400 RestoreNotSupportedForGeoDrSecondary - Point-in-time restore and database recovery operations are not supported on databases that are currently configured as geo-secondaries.\n\n * 400 DatabaseNamedReplicaBackupRetentionConfigurationNotSupported - User attempted configuring backup retention policy on a Named Replica.\n\n * 400 GeoRedundantBackupsNotPermittedForSubscription - Geo-redundant backup storage is blocked for all databases under subscription '{0}' by preview feature 'Azure SQL Database Block Geo-redundant Backup Storage'. Please select a different backup storage redundancy.\n\n * 400 RestoreHyperscaleToNonHyperscaleElasticPool - Restoring a Hyperscale database to an elastic pool which is not Hyperscale or restoring a database which is not Hyperscale to a Hyperscale elastic pool is not supported.\n\n * 400 RestoreIneligibleDatabaseName - The specified target database name, '{0}', is reserved and cannot be used in a restore operation.\n\n * 400 RestoreNotSupportedForSystemDb - Restore and database recovery are not supported for system databases.\n\n * 400 RestoreIneligibleDroppedDatabaseShortLifespan - The source database, '{0}', dropped on '{1}', has not existed long enough to support restores.\n\n * 400 RestoreIneligibleLiveDatabaseShortLifespan - The source database, '{0}', has not yet accomplished its first backup in order to support restore operations. Please wait until at least the indicated earliest restore date '{1}' and resubmit the request.\n\n * 400 RestoreCrossServerDisabled - For point-in-time restores, the target logical server must be the same as the source logical server. Consider restoring to the source database's server, or using database copy or database recovery.\n\n * 400 RestoreSameServerRecoveryDisabled - Same-server recovery is currently not supported. Consider using point-in-time restore or recovering to a different server.\n\n * 400 RestoreNotSupportedFromLtrBackupToEdition - Restore from long-term retention backup to '{0}' edition not supported.\n\n * 400 RestoreNotSupportedFromExternalBackupToEdition - Restore from external backup to '{0}' edition not supported.\n\n * 400 UpdateToServerlessIfLtrIsNotDisabled - Enabling auto-pause for a serverless database is not supported if long-term backup retention is enabled.\n\n * 400 DuplicateRestoreOperation - A restore request with the same target database name '{0}' on server '{1}' already exists.\n\n * 400 ExternalBackupUriMalformed - The external backup storage container URI is malformed.\n\n * 400 ExternalBackupUriHostNotAllowed - The host name for the external backup storage container URI is not allowed.\n\n * 400 ExternalBackupUriInvalidSchemeOrPort - The external backup storage container URI uses an invalid scheme or port. Please use https and port 443.\n\n * 400 ExternalBackupVldbUnsupported - Hyperscale does not support external backup restore requests.\n\n * 400 CannotMoveOrDropSyncMetadataDatabase - Cannot drop database used as sync metadata database.\n\n * 400 InvalidPitrPriorToVldbMigration - For database '{0}', specified point-in-time '{1}' is prior to the Hyperscale migration time of '{2}'. Please specify a target edition or service level objective which is not Hyperscale when restoring to a point earlier than the Hyperscale migration.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 BlockRestoreOnVldbGeoSecondary - Restore of Hyperscale database where source database is geo-secondary is not allowed.\n\n * 400 BackupSetNotFound - No backups were found to restore the database. Please contact support to restore the database.\n\n * 400 IncorrectAccessToAzureKeyVault - Target server does not have access to all AKV Uris created during the backup time.\n\n * 400 RestoreFailureSqlInstanceUnhealthy - Unable to connect to the instance in order to perform restore operation.\n\n * 400 BackupSetBroken - Backup set is broken.\n\n * 400 TimeoutDuringRestore - A timeout was encountered while trying to connect to the restore target.\n\n * 400 BrokenRestorePlanGapInLogBackups - The restore plan is broken because firstLsn of current log backup is not equal to lastLsn of prev log backup.\n\n * 400 FullBackupMissingChecksum - Provided full backup is missing checksum.\n\n * 400 RequiredBackupIsNotLastRestored - Migration cannot be completed because provided backup file name is not the name of the last backup file that is restored.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineDataFilesExist - Database backup contains incompatible physical layout. Non-online data files exist.\n\n * 400 IncompatiblePhysicalLayoutWrongNumberOfLogFiles - Database backup contains incompatible physical layout. Multiple log files are not supported.\n\n * 400 BackupSetNotFoundRecentPit - No backups were found to restore the database to the specified point in time. Please retry the operation. If the problem persists, contact support to restore the database.\n\n * 400 InvalidPublicMaintenanceConfiguration - User tried to specify public maintenance configuration which cannot be converted to internal id (malformed or wrong region).\n\n * 400 MaintenanceWindowNotSupportedForNamedReplica - User tried to create or update named replica with non-default maintenance window which is not supported.\n\n * 400 InvalidStandbyGeoReadScale - User attempted to enable read scale on a standby geo database that does not support it.\n\n * 400 PerDatabaseCMKKeyRotationAttemptedWhileOldThumbprintInUse - Key Rotation for the TDE Protector at the database level is blocked when active transactions are holding up the log encrypted with old keys. Please refer to aka.ms/azuresqldbkeyrotation for possible strategies to workaround this issue.\n\n * 400 PerDBCMKNotSupportedWithLTR - Database-level CMK is not supported when Long-term Backup Retention is enabled on the database.\n\n * 400 VBSEnclaveNotSupportedForDW - The preferredEnclaveType is not supported for dedicated SQL Pools.\n\n * 400 VBSEnclaveNotSupportedForDCSeriesSLO - Configuring the 'VBS' preferredEnclaveType for databases using the DC-series hardware configuration is not supported. DC-series databases are pre-configured with Intel SGX enclaves. Virtualization based security (VBS) enclaves are not supported.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutDatabaseLevelEncryptionProtector - Database-level encryption protector must be set on the target database while attempting to copy or replicate a database encrypted with a database level key.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 PerDatabaseCMKGeoPrimaryIsNotConfiguredWithDatabaseLevelEncryptionProtector - The geo-primary database must be configured with a database level encryption protector before setting a database level encryption protector on the geo-secondary.\n\n * 400 ElasticJobsNotSupportedOnAutoPauseEnabledDatabase - Auto-pause enabled serverless database is not supported as an Elastic Jobs database because job agent would prevent that database from pausing. You can either disable auto-pause on this serverless database or delete the job agent that is using this database. See here for more details: https://docs.microsoft.com/azure/azure-sql/database/serverless-tier-overview#auto-pausing\n\n * 400 VBSEnclaveNotSupportedForGeoReplicationWithDefaultEnclave - Configuring geo-replication is not supported for databases using different values of the preferredEnclaveType property. The primary '{0}' database on the '{1}' server uses the '{2}' preferredEnclaveType, whereas the specified preferredEnclaveType for the secondary '{3}' database on the '{4}' server is '{5}'.\n\n * 400 VBSEnclaveNotSupportedForPlannedFailoverBetweenDatabasesWithDifferentPreferredEnclaveTypes - Planned failover between primary and secondary database with different preferredEnclaveType is not supported for Virtualization-based security (VBS) enclaves.\n\n * 400 PerDatabaseCMKGeoPrimaryIsConfiguredWithDatabaseLevelEncryptionProtector - The geo-primary database must not be configured with a database level encryption protector when failing over to a geo-secondary without a database level encryption protector.\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 VBSEnclaveResourcePoolInvalidCombination - Adding a database with '{0}' preferredEnclaveType to an elastic pool '{1}' with '{2}' preferredEnclaveType is not supported. \nBefore adding the database to the elastic pool, ensure that the preferredEnclaveType is the same for both the database and the elastic pool. More information can be found on https://aka.ms/AlwaysEncryptedEnableSecureEnclaves\n\n * 400 MissingAsymmetricKeyOnTargetServer - Target server does not have access to an asymmetric key.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 MultipleDroppedDatabasesWithTheSameName - Found multiple dropped databases with the same name on server.\n\n * 400 AzureKeyVaultClientError - The Azure Key Vault client encountered an error.\n\n * 400 AzureKeyVaultClientInfoError - An error occurred while obtaining information for the Azure Key Vault client.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 UnsupportedBackupStorageRedundancy - Specified Backup Storage Redundancy is not supported in target region.\n\n * 400 LTRSterlingToVldbMigrationNotSupported - Cannot change service objective for database to Hyperscale as long-term retention is not yet supported on Hyperscale. Please disable long-term retention on the database and retry.\n\n * 400 HyperscaleReverseMigrationNotSupported - Reverse migration of a Hyperscale database to Sterling hit an unsupported scenario.\n\n * 400 UpdateSloOperationIdDoesNotExist - The action failed because no active update-slo operation detected for server: {0}, database: {1};. Please retry the operation by specifying valid parameters.\n\n * 400 ManualCutoverUnsupported - Invalid use of manual-cutover option. Please check current and requested service objective and retry the operation by specifying valid parameters.\n\n * 404 ResourceNotFound - Invalid request specifying a non-existent resource.\n\n * 404 CrossManagedInstanceDatabaseMovementNotExist - Database movement does not exist.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 409 DedicatedSqlPoolCreationBlockedForServerInNsp - Create and restore operations for SQL dedicated pools (formerly SQL DW) are not supported on servers within a network security perimeter. For more information, see https://go.microsoft.com/fwlink/?linkid=2324168.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidOperationForDatabaseInReplicationRelationship - A replication seeding operation was performed on a database that is already in a replication relationship.\n\n * 409 FreeDbAlreadyExists - Only one free database can exist for a subscription per region.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 SkuAssignmentInProgress - The current assignment request cannot be processed because a previous request has not completed.\n\n * 409 CurrentMemoryUsageExceedsSkuQuota - User attempted an sku update operation that cannot be completed due to the higher resource consumption.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 ServerDtuQuotaExceeded - Could not perform the operation because server would exceed the allowed Database Throughput Unit quota.\n\n * 409 UpdateSloFailedDatabaseTooBusy - Update SLO operation could not complete because database was too busy.\n\n * 409 UnableToAlterDatabaseInReplication - User altered edition on a database in a replication relationship.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 ElasticPoolBusy - A management operation was attempted on an elastic pool which is busy.\n\n * 409 SimultaneousSkuChangeNotAllowed - Service objective change operations cannot run on both databases of a replication relationship at the same time.\n\n * 409 TargetElasticPoolBeingUpdated - The update of elastic pool cannot be started because there is copy operation in progress for one of the databases in this elastic pool\n\n * 409 DatabaseCopyLimitPerReplicaReached - User reached the limit of concurrent database copies.\n\n * 409 ConflictRequestToUpdateBackupRedundancy - A conflict request to change backup storage redundancy is still in progress.\n\n * 409 DatabaseElasticPoolMaintenanceConflict - User tried to create or update a database with a specified maintenance configuration that conflicted with that of the elastic pool of the database.\n\n * 409 SubscriptionVcoreQuotaExceeded - Could not perform the operation because subscription would exceed the allowed vCore quota.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabaseRestoreDetails.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabaseRestoreDetails.json index b071aff07853..11024325ee6a 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabaseRestoreDetails.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabaseRestoreDetails.json @@ -62,7 +62,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 RestoreDetailsNotAvailableOrExpired - Requested restore details are not available, or have expired.\n\n * 400 TimeoutDuringRestore - A timeout was encountered while trying to connect to the restore target.\n\n * 400 AutoCompleteMissingLastBackupName - Auto complete restore request must have lastBackupName parameter provided.\n\n * 400 MissingThumbprint - Can not find server certificate.\n\n * 400 BlobStorageServerFailure - Blob storage server failure has occurred.\n\n * 400 BackupSetNotFound - No backups were found to restore the database. Please contact support to restore the database.\n\n * 400 FullBackupNotFound - Full backup can not be found.\n\n * 400 RestoreFromStripedBackupsNotEnabled - Restoring from striped backups is not supported.\n\n * 400 BrokenRestorePlanNoFullBackup - The restore plan is broken because there is no full backup.\n\n * 400 BrokenRestorePlanWrongLogBackupLSN - The restore plan is broken because firstLsn of current log backup is not <= lastLsn of next log backup.\n\n * 400 BrokenRestorePlanWrongDiffBackupLSN - The restore plan is broken because firstLsn of diff backup is not >= firstLsn of full backup.\n\n * 400 BrokenRestorePlanGapInLogBackups - The restore plan is broken because firstLsn of current log backup is not equal to lastLsn of prev log backup.\n\n * 400 TargetServerDoesNotExist - The target server {0} does not exist or is not ready yet. Please check that it exists and retry the restore request.\n\n * 400 TargetServerRestoreNotAllowed - The target server {0} is currently not in a state that allows a restore to be started.\n\n * 400 XtpInitializedDuringRestore - Memory-optimized filegroup must be empty in order to be restored on General Purpose tier of SQL Database Managed Instance.\n\n * 400 FullBackupMissingChecksum - Provided full backup is missing checksum.\n\n * 400 FullBackupDamaged - Provided full backup is damaged.\n\n * 400 MissingStripeInBackupSet - Provided backup set has one or more missing stripes.\n\n * 400 BackupsFromMultipleDatabasesDetectedInTheContainerWhileRestoreInProgress - There are backups from multiple databases in the container folder. Please make sure the container folder has backups from a single database.{0}\n\n * 400 BrokenRestorePlanWrongDiffBaseGUID - The restore plan is broken because DifferentialBaseGuid of diff backup does not match BackupSetGuid of full backup.\n\n * 400 CorruptedPagesInBackupSet - Operation was aborted because RESTORE detected one or more corrupted pages in the backup set.\n\n * 400 ManagedIdentityIssueDetectedWhileRestoreInProgress - Managed identity is not set up properly. Please verify and try again.\n\n * 400 CorruptedPagesListMaintenance - Operation was aborted because an internal error occurred while processing the backup taken without checksum.\n\n * 400 StorageBrokenIssueDetectedWhileInProgress - Storage connection is broken. Retrying automatically...\n\n * 400 PartiallyContainedDatabaseUnsupported - \"Backup for a partially contained database is not supported.\"\n\n * 400 RequiredBackupIsNotLastRestored - Migration cannot be completed because provided backup file name is not the name of the last backup file that is restored.\n\n * 400 ManagedInstanceStorageLimitHit - The managed instance has reached its storage limit.\n\n * 400 IncompatiblePhysicalLayoutTooFewDataFiles - Database backup contains incompatible physical layout. No data files are found in the backup.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineDataFilesExist - Database backup contains incompatible physical layout. Non-online data files exist.\n\n * 400 IncompatiblePhysicalLayoutWrongNumberOfLogFiles - Database backup contains incompatible physical layout. Multiple log files are not supported.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineLogFilesExist - Database backup contains incompatible physical layout. Non-online log files exist.\n\n * 400 IncompatiblePhysicalLayoutTooManyNonDataLogFiles - Database backup contains incompatible physical layout. Too many non-data/log files.\n\n * 400 ExternalBackupAlreadySignaledToComplete - The restore request has already been signaled to complete.\n\n * 400 ExternalBackupRestoreHasNotBeenStarted - The restore request can only be completed once the restore has started.\n\n * 400 ExternalBackupUpgradeInProgress - The restore request cannot be completed, since upgrade is in progress.\n\n * 400 IncompatiblePhysicalLayoutTooManyXTPFiles - Database backup contains incompatible physical layout. Multiple files found in the filegroup that contains MEMORY_OPTIMIZED_DATA.\n\n * 400 BlobStorageFailure - Blob storage failure has occurred.\n\n * 400 BackupsFromMultipleDatabasesDetectedInTheContainerFromTheStart - There are backups from multiple databases in the container folder. Please make sure the container folder has backups from a single database.{0}\n\n * 400 ManagedIdentityIssueDetectedFromTheStart - Managed identity is not set up properly. Please verify and try again.\n\n * 400 StorageBrokenIssueDetectedAtTheStart - Storage connection is broken. Please verify and try again.\n\n * 400 StorageBrokenIssueDetectedTerminateRetries - Storage connection is still broken. Please verify and try again.\n\n * 400 BackupSetBroken - Backup set is broken.\n\n * 400 SqlRestoreError - Non retriable error occurred while restoring backup.\n\n * 400 ManagedDatabaseNotInRestoringState - Managed database is not in Restoring state.", + "description": "*** Error Responses: ***\n\n * 400 RestoreDetailsNotAvailableOrExpired - Requested restore details are not available, or have expired.\n\n * 400 TimeoutDuringRestore - A timeout was encountered while trying to connect to the restore target.\n\n * 400 AutoCompleteMissingLastBackupName - Auto complete restore request must have lastBackupName parameter provided.\n\n * 400 MissingThumbprint - Can not find server certificate.\n\n * 400 BlobStorageServerFailure - Blob storage server failure has occurred.\n\n * 400 MissingIdentityForAzureKeyVault - Target server does not have an identity to access Azure Key Vault\n\n * 400 BackupSetNotFound - No backups were found to restore the database. Please contact support to restore the database.\n\n * 400 FullBackupNotFound - Full backup can not be found.\n\n * 400 RestoreFromStripedBackupsNotEnabled - Restoring from striped backups is not supported.\n\n * 400 BrokenRestorePlanNoFullBackup - The restore plan is broken because there is no full backup.\n\n * 400 BrokenRestorePlanWrongLogBackupLSN - The restore plan is broken because firstLsn of current log backup is not <= lastLsn of next log backup.\n\n * 400 BrokenRestorePlanWrongDiffBackupLSN - The restore plan is broken because firstLsn of diff backup is not >= firstLsn of full backup.\n\n * 400 BrokenRestorePlanGapInLogBackups - The restore plan is broken because firstLsn of current log backup is not equal to lastLsn of prev log backup.\n\n * 400 TargetServerDoesNotExist - The target server {0} does not exist or is not ready yet. Please check that it exists and retry the restore request.\n\n * 400 TargetServerRestoreNotAllowed - The target server {0} is currently not in a state that allows a restore to be started.\n\n * 400 XtpInitializedDuringRestore - Memory-optimized filegroup must be empty in order to be restored on General Purpose tier of SQL Database Managed Instance.\n\n * 400 FullBackupMissingChecksum - Provided full backup is missing checksum.\n\n * 400 FullBackupDamaged - Provided full backup is damaged.\n\n * 400 MissingStripeInBackupSet - Provided backup set has one or more missing stripes.\n\n * 400 BackupsFromMultipleDatabasesDetectedInTheContainerWhileRestoreInProgress - There are backups from multiple databases in the container folder. Please make sure the container folder has backups from a single database.{0}\n\n * 400 BrokenRestorePlanWrongDiffBaseGUID - The restore plan is broken because DifferentialBaseGuid of diff backup does not match BackupSetGuid of full backup.\n\n * 400 CorruptedPagesInBackupSet - Operation was aborted because RESTORE detected one or more corrupted pages in the backup set.\n\n * 400 ManagedIdentityIssueDetectedWhileRestoreInProgress - Managed identity is not set up properly. Please verify and try again.\n\n * 400 CorruptedPagesListMaintenance - Operation was aborted because an internal error occurred while processing the backup taken without checksum.\n\n * 400 StorageBrokenIssueDetectedWhileInProgress - Storage connection is broken. Retrying automatically...\n\n * 400 PartiallyContainedDatabaseUnsupported - \"Backup for a partially contained database is not supported.\"\n\n * 400 RequiredBackupIsNotLastRestored - Migration cannot be completed because provided backup file name is not the name of the last backup file that is restored.\n\n * 400 ManagedInstanceStorageLimitHit - The managed instance has reached its storage limit.\n\n * 400 IncompatiblePhysicalLayoutTooFewDataFiles - Database backup contains incompatible physical layout. No data files are found in the backup.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineDataFilesExist - Database backup contains incompatible physical layout. Non-online data files exist.\n\n * 400 IncompatiblePhysicalLayoutWrongNumberOfLogFiles - Database backup contains incompatible physical layout. Multiple log files are not supported.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineLogFilesExist - Database backup contains incompatible physical layout. Non-online log files exist.\n\n * 400 IncompatiblePhysicalLayoutTooManyNonDataLogFiles - Database backup contains incompatible physical layout. Too many non-data/log files.\n\n * 400 ExternalBackupAlreadySignaledToComplete - The restore request has already been signaled to complete.\n\n * 400 ExternalBackupRestoreHasNotBeenStarted - The restore request can only be completed once the restore has started.\n\n * 400 ExternalBackupUpgradeInProgress - The restore request cannot be completed, since upgrade is in progress.\n\n * 400 IncompatiblePhysicalLayoutTooManyXTPFiles - Database backup contains incompatible physical layout. Multiple files found in the filegroup that contains MEMORY_OPTIMIZED_DATA.\n\n * 400 BlobStorageFailure - Blob storage failure has occurred.\n\n * 400 BackupsFromMultipleDatabasesDetectedInTheContainerFromTheStart - There are backups from multiple databases in the container folder. Please make sure the container folder has backups from a single database.{0}\n\n * 400 ManagedIdentityIssueDetectedFromTheStart - Managed identity is not set up properly. Please verify and try again.\n\n * 400 StorageBrokenIssueDetectedAtTheStart - Storage connection is broken. Please verify and try again.\n\n * 400 StorageBrokenIssueDetectedTerminateRetries - Storage connection is still broken. Please verify and try again.\n\n * 400 BackupSetBroken - Backup set is broken.\n\n * 400 SqlRestoreError - Non retriable error occurred while restoring backup.\n\n * 400 ManagedDatabaseNotInRestoringState - Managed database is not in Restoring state.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabaseTransparentDataEncryption.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabaseTransparentDataEncryption.json index 5aafb78d0ada..32a00b7ac477 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabaseTransparentDataEncryption.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabaseTransparentDataEncryption.json @@ -56,7 +56,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.", + "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -126,7 +126,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.", + "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -200,7 +200,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidTransparentDataEncryptionUpdateRequest - Please enter a valid state. Please use \"Enabled\" or \"Disabled\".\n\n * 400 InvalidTransparentDataEncryptionName - The transparent data encryption key name is not supported.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.", + "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidTransparentDataEncryptionUpdateRequest - Please enter a valid state. Please use \"Enabled\" or \"Disabled\".\n\n * 400 InvalidTransparentDataEncryptionName - The transparent data encryption key name is not supported.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabases.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabases.json index a2670ffb1890..b820aa65a5e7 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabases.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedDatabases.json @@ -145,7 +145,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 CannotUpdateIsLedgerDatabase - The ledger property of an existing database cannot be updated.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 InvalidDatabaseCreateOrUpdateRequest - The request body for the create or update database operation is invalid.\n\n * 400 InvalidResourceId - Invalid resource identifier.\n\n * 400 InvalidSourceDatabaseId - Invalid source database identifier.\n\n * 400 InvalidRestorableDroppedDatabaseId - Invalid restorable dropped database identifier\n\n * 400 InvalidCrossSubscriptionTargetManagedInstanceId - Invalid cross subscription target managed instance identifier.\n\n * 400 MismatchingResourceGroupNameWithUrl - The provided resource group name did not match the name in the Url.\n\n * 400 MismatchingServerNameWithUrl - The provided server name did not match the name in the Url.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 MissingCollation - Collation is required.\n\n * 400 MissingSourceDatabaseId - Missing source database identifier.\n\n * 400 MissingRestorePointInTime - Missing restore point in time\n\n * 400 MissingStorageContainerSasToken - Missing storage container SAS token\n\n * 400 MissingStorageContainerUri - Missing storage container URI\n\n * 400 RestorableDroppedDatabaseIdGivenForRestoreWithSourceDatabaseId - Cannot specify restorableDroppedDatabaseId when sourceDatabaseId is already given in restore create mode\n\n * 400 CrossSubscriptionRestorableDroppedDatabaseIdGivenForRestoreWithCrossSubscriptionSourceDatabaseId - Cannot specify crossSubscriptionRestorableDroppedDatabaseId when crossSubscriptionSourceDatabaseId is already given.\n\n * 400 MissmatchingCrossSubscriptionTargetManagedInstanceIdWithUrl - The provided crossSubscriptionTargetManagedInstanceId must match the instance in the URL.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidLongTermRetentionManagedInstanceBackupId - Invalid long term retention backup identifier for Managed Instances.\n\n * 400 LongTermRetentiontBackupOperationResultsInvalidODataQuery - The specified OData query is either not valid or not supported\n\n * 400 LTRBackupNotExists - The operation could not be completed because the backup does not exist.\n\n * 400 LongTermRetentionMigrationBackupStorageRedundancyNotAllowed - Changing backup storage redundancy is not allowed for LTR Copy operations.\n\n * 400 LtrRestoreFailedArchiveStorageTier - Restoring archived long-term retention backup is not supported. Restore can be performed only on rehydrated or regular long-term retention backups.\n\n * 400 LtrArchiveStorageTierNotEnabled - Archiving long-term retention backups is not enabled.\n\n * 400 LtrArchiveWrongParameters - ChangeLongTermRetentionBackupAccessTier is not supported for the desired (backupStorageAccessTier, operationMode) combination. Only (Archive, Move) and (Hot, Copy) are allowed.\n\n * 400 LTRArchiveRedundancyChangeFailed - Updating the backup storage redundancy type to zone-redundant storage is not supported when a long-term retention policy with the 'archive' backup storage access tier is set\n\n * 400 LongTermRetentionMigrationSubscriptionNotFound - The subscription could not be found.\n\n * 400 LtrOperationFailedBackupImmutable - Deleting Long Term Retention backup failed because the backup is immutable.\n\n * 400 DeleteLtrBackupWithLegalHold - The backup cannot be deleted because there is a legal hold placed on it. Remove the legal hold and retry.\n\n * 400 LTRBackupImmutableNotSet - The operation could not be completed because the backup is not configured for immutability.\n\n * 400 LTRBackupImmutabilityLocked - The operation could not be completed because the backup is immutable and locked. \n\n * 400 LongTermRetentionMigrationRequestNotSupported - Subscription is not allowed LTR backup Migration feature.\n\n * 400 LongTermRetentionMigrationCrossClusterRequestNotSupported - Source and target subscriptions are not allowed to communicate for LTR backup copy feature.\n\n * 400 LongTermRetentionMigrationParameterMissing - Required parameter missing for the operation.\n\n * 400 LongTermRetentionMigrationSameServerNotSupported - LTR Copy feature is not supported to copy LTR backups within same server.\n\n * 400 LongTermRetentionMigrationTargetServerNotFound - Target server does not exists or is not ready for LTR backup copy operation.\n\n * 400 LongTermRetentionMigrationTargetDatabaseNotFound - Target Database does not exists on the server.\n\n * 400 LongTermRetentionMigrationStorageTypeNotSupported - Specified Backup Storage Redundancy is not supported in target region.\n\n * 400 LongTermRetentionMigrationStorageMismatch - Active backup redundancy of database does not match backup redundancy requested by customer.\n\n * 400 LongTermRetentionMigrationDatabaseTypeNotSupported - LTR migration is only supported for managed instance and Azure SQL DB LTR backups.\n\n * 400 ManagementServiceManagedServerDisabled - Operation failed since Managed Instance '{0}' is disabled. Please enable Managed Instance and try again.\n\n * 400 MiGeoRestoreWithWrongBackupStorageRedundancy - Geo-Restore is not allowed for managed instances with LRS/ZRS backup storage redundancy.\n\n * 400 LastBackupNameHasNewline - Please do not use forbidden characters ('\\n', '\\r') in lastBackupName.\n\n * 400 LastBackupNameHasNonAsciiCharacter - The operation was aborted because the 'LastBackupName' parameter contains invalid characters. Only ASCII characters are allowed.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 LRSCutoverDatabaseDoesNotExist - The operation was aborted because the database name specified in the request doesn't match any database name on the specified server.\n\n * 400 LRSCutoverDatabaseNotInRestoringState - The operation was aborted because the specified database is not in restoring state.\n\n * 400 LRSCutoverDatabaseAlreadyRestored - The operation was aborted because the specified database was already restored.\n\n * 400 LRSCutoverAlreadyInitiated - The operation was aborted because a cutover for the specified database is already in progress.\n\n * 400 ManagementServiceFeatureDisabled - User attempted to use a feature which is disabled.\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 UpdatingInstanceAndBackupRedundancy - Instance zone redundancy and backup storage redundancy cannot be updated in the same request.\n\n * 400 DeleteOfManagedInstanceIsDisabled - Delete operation of managed instance is disabled.\n\n * 400 RequestCantLandOnPaaSv2Platform - Request needs to land on PaaSv2 platform but PaaSv2 is not enabled.\n\n * 400 CustomMaintenanceWindowIsDisabled - Custom maintenance window is not enabled.\n\n * 400 DeleteOfVersion2VirtualClusterIsDisabled - Delete of virtual cluster with version 2 is not enabled.\n\n * 400 DeleteOfVirtualClusterIsDisabled - Delete of virtual cluster is not enabled.\n\n * 400 MICantBeMovedFromOrToInstancePool - Existing managed instance can't be moved to managed instance pool.\n\n * 400 DnsRefreshOnVirtualClusterIsDisabled - Refresh of DNS records on virtual cluster is not enabled.\n\n * 400 TimeoutDuringRestore - A timeout was encountered while trying to connect to the restore target.\n\n * 400 AutoCompleteMissingLastBackupName - Auto complete restore request must have lastBackupName parameter provided.\n\n * 400 MissingThumbprint - Can not find server certificate.\n\n * 400 BlobStorageServerFailure - Blob storage server failure has occurred.\n\n * 400 BackupSetNotFound - No backups were found to restore the database. Please contact support to restore the database.\n\n * 400 FullBackupNotFound - Full backup can not be found.\n\n * 400 RestoreFromStripedBackupsNotEnabled - Restoring from striped backups is not supported.\n\n * 400 BrokenRestorePlanNoFullBackup - The restore plan is broken because there is no full backup.\n\n * 400 BrokenRestorePlanWrongLogBackupLSN - The restore plan is broken because firstLsn of current log backup is not <= lastLsn of next log backup.\n\n * 400 BrokenRestorePlanWrongDiffBackupLSN - The restore plan is broken because firstLsn of diff backup is not >= firstLsn of full backup.\n\n * 400 BrokenRestorePlanGapInLogBackups - The restore plan is broken because firstLsn of current log backup is not equal to lastLsn of prev log backup.\n\n * 400 TargetServerDoesNotExist - The target server {0} does not exist or is not ready yet. Please check that it exists and retry the restore request.\n\n * 400 TargetServerRestoreNotAllowed - The target server {0} is currently not in a state that allows a restore to be started.\n\n * 400 XtpInitializedDuringRestore - Memory-optimized filegroup must be empty in order to be restored on General Purpose tier of SQL Database Managed Instance.\n\n * 400 FullBackupMissingChecksum - Provided full backup is missing checksum.\n\n * 400 FullBackupDamaged - Provided full backup is damaged.\n\n * 400 MissingStripeInBackupSet - Provided backup set has one or more missing stripes.\n\n * 400 BackupsFromMultipleDatabasesDetectedInTheContainerWhileRestoreInProgress - There are backups from multiple databases in the container folder. Please make sure the container folder has backups from a single database.{0}\n\n * 400 BrokenRestorePlanWrongDiffBaseGUID - The restore plan is broken because DifferentialBaseGuid of diff backup does not match BackupSetGuid of full backup.\n\n * 400 CorruptedPagesInBackupSet - Operation was aborted because RESTORE detected one or more corrupted pages in the backup set.\n\n * 400 ManagedIdentityIssueDetectedWhileRestoreInProgress - Managed identity is not set up properly. Please verify and try again.\n\n * 400 CorruptedPagesListMaintenance - Operation was aborted because an internal error occurred while processing the backup taken without checksum.\n\n * 400 StorageBrokenIssueDetectedWhileInProgress - Storage connection is broken. Retrying automatically...\n\n * 400 PartiallyContainedDatabaseUnsupported - \"Backup for a partially contained database is not supported.\"\n\n * 400 RequiredBackupIsNotLastRestored - Migration cannot be completed because provided backup file name is not the name of the last backup file that is restored.\n\n * 400 ManagedInstanceStorageLimitHit - The managed instance has reached its storage limit.\n\n * 400 IncompatiblePhysicalLayoutTooFewDataFiles - Database backup contains incompatible physical layout. No data files are found in the backup.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineDataFilesExist - Database backup contains incompatible physical layout. Non-online data files exist.\n\n * 400 IncompatiblePhysicalLayoutWrongNumberOfLogFiles - Database backup contains incompatible physical layout. Multiple log files are not supported.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineLogFilesExist - Database backup contains incompatible physical layout. Non-online log files exist.\n\n * 400 IncompatiblePhysicalLayoutTooManyNonDataLogFiles - Database backup contains incompatible physical layout. Too many non-data/log files.\n\n * 400 ExternalBackupAlreadySignaledToComplete - The restore request has already been signaled to complete.\n\n * 400 ExternalBackupRestoreHasNotBeenStarted - The restore request can only be completed once the restore has started.\n\n * 400 ExternalBackupUpgradeInProgress - The restore request cannot be completed, since upgrade is in progress.\n\n * 400 IncompatiblePhysicalLayoutTooManyXTPFiles - Database backup contains incompatible physical layout. Multiple files found in the filegroup that contains MEMORY_OPTIMIZED_DATA.\n\n * 400 BlobStorageFailure - Blob storage failure has occurred.\n\n * 400 BackupsFromMultipleDatabasesDetectedInTheContainerFromTheStart - There are backups from multiple databases in the container folder. Please make sure the container folder has backups from a single database.{0}\n\n * 400 ManagedIdentityIssueDetectedFromTheStart - Managed identity is not set up properly. Please verify and try again.\n\n * 400 StorageBrokenIssueDetectedAtTheStart - Storage connection is broken. Please verify and try again.\n\n * 400 StorageBrokenIssueDetectedTerminateRetries - Storage connection is still broken. Please verify and try again.\n\n * 400 BackupSetBroken - Backup set is broken.\n\n * 400 SqlRestoreError - Non retriable error occurred while restoring backup.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 LongTermRetentionMigrationBackupNotFound - LTR backup specified does not exists.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 409 LongTermRetentionMigrationRequestConflict - A conflict operation on this LTR backup is still in progress.\n\n * 409 LongTermRetentionMigrationBackupConflict - Another LTR backup with same backup time for target database exists.\n\n * 409 MiCreateFailedNonDelegatedSubnet - User tried to deploy Managed Instance or Managed Instance pool in subnet that is not delegated to Microsoft.Sql/managedInstances.\n\n * 409 InstancePoolBusy - An instance pool is busy with another ongoing operation\n\n * 409 ConflictingManagedInstanceOperation - An operation is currently in progress for the managed instance.\n\n * 409 BackupRedundancyUpdateAndInstanceRedundancyConflict - The instance is multi-az but backup storage is being updated from zone redundant to non-zone redundant.\n\n * 409 InstanceRedundancyUpdateWhileBackupRedundancyUpdateInProgress - Cannot update instance redundancy because backup storage redundancy update is in progress.\n\n * 409 InstanceRedundancyUpdateAndBackupRedundancyConflict - The backup storage is non-zone redundant but instance redundancy is being updated to zone redundant.\n\n * 409 BackupRedundancyUpdateConflict - Cannot update backup storage redundancy because a backup storage redundancy update is already in progress.\n\n * 409 MiDropFailedOnAuthLocks - User tried to drop last Managed Instance in subnet that has Lock applied on resource(s).\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 412 InstanceNotReadyForBackupRedundancyUpdate - Cannot update backup storage redundancy because the instance is not ready.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 500 LongTermRetentionMigrationRequestCopyFailed - Copy operation failed for LTR backup blobs.\n\n * 500 LongTermRetentionMigrationRestoreVerExceeded - Restore verification failed after max attempts were reached.\n\n * 500 LongTermRetentionMigrationRestoreVerFailed - Restore verification failed.\n\n * 500 LongTermRetentionMigrationRequestFailedToStartOnTarget - Failed to start LTR backup copy request in target region.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 CannotUpdateIsLedgerDatabase - The ledger property of an existing database cannot be updated.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 InvalidDatabaseCreateOrUpdateRequest - The request body for the create or update database operation is invalid.\n\n * 400 InvalidResourceId - Invalid resource identifier.\n\n * 400 InvalidSourceDatabaseId - Invalid source database identifier.\n\n * 400 InvalidRestorableDroppedDatabaseId - Invalid restorable dropped database identifier\n\n * 400 InvalidCrossSubscriptionTargetManagedInstanceId - Invalid cross subscription target managed instance identifier.\n\n * 400 MismatchingResourceGroupNameWithUrl - The provided resource group name did not match the name in the Url.\n\n * 400 MismatchingServerNameWithUrl - The provided server name did not match the name in the Url.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 MissingCollation - Collation is required.\n\n * 400 MissingSourceDatabaseId - Missing source database identifier.\n\n * 400 MissingRestorePointInTime - Missing restore point in time\n\n * 400 MissingStorageContainerSasToken - Missing storage container SAS token\n\n * 400 MissingStorageContainerUri - Missing storage container URI\n\n * 400 RestorableDroppedDatabaseIdGivenForRestoreWithSourceDatabaseId - Cannot specify restorableDroppedDatabaseId when sourceDatabaseId is already given in restore create mode\n\n * 400 CrossSubscriptionRestorableDroppedDatabaseIdGivenForRestoreWithCrossSubscriptionSourceDatabaseId - Cannot specify crossSubscriptionRestorableDroppedDatabaseId when crossSubscriptionSourceDatabaseId is already given.\n\n * 400 MissmatchingCrossSubscriptionTargetManagedInstanceIdWithUrl - The provided crossSubscriptionTargetManagedInstanceId must match the instance in the URL.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidLongTermRetentionManagedInstanceBackupId - Invalid long term retention backup identifier for Managed Instances.\n\n * 400 LongTermRetentiontBackupOperationResultsInvalidODataQuery - The specified OData query is either not valid or not supported\n\n * 400 LTRBackupNotExists - The operation could not be completed because the backup does not exist.\n\n * 400 LongTermRetentionMigrationBackupStorageRedundancyNotAllowed - Changing backup storage redundancy is not allowed for LTR Copy operations.\n\n * 400 LtrRestoreFailedArchiveStorageTier - Restoring archived long-term retention backup is not supported. Restore can be performed only on rehydrated or regular long-term retention backups.\n\n * 400 LtrArchiveStorageTierNotEnabled - Archiving long-term retention backups is not enabled.\n\n * 400 LtrArchiveWrongParameters - ChangeLongTermRetentionBackupAccessTier is not supported for the desired (backupStorageAccessTier, operationMode) combination. Only (Archive, Move) and (Hot, Copy) are allowed.\n\n * 400 LTRArchiveRedundancyChangeFailed - Updating the backup storage redundancy type to zone-redundant storage is not supported when a long-term retention policy with the 'archive' backup storage access tier is set\n\n * 400 LongTermRetentionMigrationSubscriptionNotFound - The subscription could not be found.\n\n * 400 LtrOperationFailedBackupImmutable - Deleting Long Term Retention backup failed because the backup is immutable.\n\n * 400 DeleteLtrBackupWithLegalHold - The backup cannot be deleted because there is a legal hold placed on it. Remove the legal hold and retry.\n\n * 400 LTRBackupImmutableNotSet - The operation could not be completed because the backup is not configured for immutability.\n\n * 400 LTRBackupImmutabilityLocked - The operation could not be completed because the backup is immutable and locked. \n\n * 400 LongTermRetentionMigrationRequestNotSupported - Subscription is not allowed LTR backup Migration feature.\n\n * 400 LongTermRetentionMigrationCrossClusterRequestNotSupported - Source and target subscriptions are not allowed to communicate for LTR backup copy feature.\n\n * 400 LongTermRetentionMigrationParameterMissing - Required parameter missing for the operation.\n\n * 400 LongTermRetentionMigrationSameServerNotSupported - LTR Copy feature is not supported to copy LTR backups within same server.\n\n * 400 LongTermRetentionMigrationTargetServerNotFound - Target server does not exists or is not ready for LTR backup copy operation.\n\n * 400 LongTermRetentionMigrationTargetDatabaseNotFound - Target Database does not exists on the server.\n\n * 400 LongTermRetentionMigrationStorageTypeNotSupported - Specified Backup Storage Redundancy is not supported in target region.\n\n * 400 LongTermRetentionMigrationStorageMismatch - Active backup redundancy of database does not match backup redundancy requested by customer.\n\n * 400 LongTermRetentionMigrationDatabaseTypeNotSupported - LTR migration is only supported for managed instance and Azure SQL DB LTR backups.\n\n * 400 ManagementServiceManagedServerDisabled - Operation failed since Managed Instance '{0}' is disabled. Please enable Managed Instance and try again.\n\n * 400 MiGeoRestoreWithWrongBackupStorageRedundancy - Geo-Restore is not allowed for managed instances with LRS/ZRS backup storage redundancy.\n\n * 400 LastBackupNameHasNewline - Please do not use forbidden characters ('\\n', '\\r') in lastBackupName.\n\n * 400 LastBackupNameHasNonAsciiCharacter - The operation was aborted because the 'LastBackupName' parameter contains invalid characters. Only ASCII characters are allowed.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 LRSCutoverDatabaseDoesNotExist - The operation was aborted because the database name specified in the request doesn't match any database name on the specified server.\n\n * 400 LRSCutoverDatabaseNotInRestoringState - The operation was aborted because the specified database is not in restoring state.\n\n * 400 LRSCutoverDatabaseAlreadyRestored - The operation was aborted because the specified database was already restored.\n\n * 400 LRSCutoverAlreadyInitiated - The operation was aborted because a cutover for the specified database is already in progress.\n\n * 400 ManagementServiceFeatureDisabled - User attempted to use a feature which is disabled.\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 UpdatingInstanceAndBackupRedundancy - Instance zone redundancy and backup storage redundancy cannot be updated in the same request.\n\n * 400 DeleteOfManagedInstanceIsDisabled - Delete operation of managed instance is disabled.\n\n * 400 RequestCantLandOnPaaSv2Platform - Request needs to land on PaaSv2 platform but PaaSv2 is not enabled.\n\n * 400 CustomMaintenanceWindowIsDisabled - Custom maintenance window is not enabled.\n\n * 400 DeleteOfVersion2VirtualClusterIsDisabled - Delete of virtual cluster with version 2 is not enabled.\n\n * 400 DeleteOfVirtualClusterIsDisabled - Delete of virtual cluster is not enabled.\n\n * 400 MICantBeMovedFromOrToInstancePool - Existing managed instance can't be moved to managed instance pool.\n\n * 400 DnsRefreshOnVirtualClusterIsDisabled - Refresh of DNS records on virtual cluster is not enabled.\n\n * 400 TimeoutDuringRestore - A timeout was encountered while trying to connect to the restore target.\n\n * 400 AutoCompleteMissingLastBackupName - Auto complete restore request must have lastBackupName parameter provided.\n\n * 400 MissingThumbprint - Can not find server certificate.\n\n * 400 BlobStorageServerFailure - Blob storage server failure has occurred.\n\n * 400 MissingIdentityForAzureKeyVault - Target server does not have an identity to access Azure Key Vault\n\n * 400 BackupSetNotFound - No backups were found to restore the database. Please contact support to restore the database.\n\n * 400 FullBackupNotFound - Full backup can not be found.\n\n * 400 RestoreFromStripedBackupsNotEnabled - Restoring from striped backups is not supported.\n\n * 400 BrokenRestorePlanNoFullBackup - The restore plan is broken because there is no full backup.\n\n * 400 BrokenRestorePlanWrongLogBackupLSN - The restore plan is broken because firstLsn of current log backup is not <= lastLsn of next log backup.\n\n * 400 BrokenRestorePlanWrongDiffBackupLSN - The restore plan is broken because firstLsn of diff backup is not >= firstLsn of full backup.\n\n * 400 BrokenRestorePlanGapInLogBackups - The restore plan is broken because firstLsn of current log backup is not equal to lastLsn of prev log backup.\n\n * 400 TargetServerDoesNotExist - The target server {0} does not exist or is not ready yet. Please check that it exists and retry the restore request.\n\n * 400 TargetServerRestoreNotAllowed - The target server {0} is currently not in a state that allows a restore to be started.\n\n * 400 XtpInitializedDuringRestore - Memory-optimized filegroup must be empty in order to be restored on General Purpose tier of SQL Database Managed Instance.\n\n * 400 FullBackupMissingChecksum - Provided full backup is missing checksum.\n\n * 400 FullBackupDamaged - Provided full backup is damaged.\n\n * 400 MissingStripeInBackupSet - Provided backup set has one or more missing stripes.\n\n * 400 BackupsFromMultipleDatabasesDetectedInTheContainerWhileRestoreInProgress - There are backups from multiple databases in the container folder. Please make sure the container folder has backups from a single database.{0}\n\n * 400 BrokenRestorePlanWrongDiffBaseGUID - The restore plan is broken because DifferentialBaseGuid of diff backup does not match BackupSetGuid of full backup.\n\n * 400 CorruptedPagesInBackupSet - Operation was aborted because RESTORE detected one or more corrupted pages in the backup set.\n\n * 400 ManagedIdentityIssueDetectedWhileRestoreInProgress - Managed identity is not set up properly. Please verify and try again.\n\n * 400 CorruptedPagesListMaintenance - Operation was aborted because an internal error occurred while processing the backup taken without checksum.\n\n * 400 StorageBrokenIssueDetectedWhileInProgress - Storage connection is broken. Retrying automatically...\n\n * 400 PartiallyContainedDatabaseUnsupported - \"Backup for a partially contained database is not supported.\"\n\n * 400 RequiredBackupIsNotLastRestored - Migration cannot be completed because provided backup file name is not the name of the last backup file that is restored.\n\n * 400 ManagedInstanceStorageLimitHit - The managed instance has reached its storage limit.\n\n * 400 IncompatiblePhysicalLayoutTooFewDataFiles - Database backup contains incompatible physical layout. No data files are found in the backup.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineDataFilesExist - Database backup contains incompatible physical layout. Non-online data files exist.\n\n * 400 IncompatiblePhysicalLayoutWrongNumberOfLogFiles - Database backup contains incompatible physical layout. Multiple log files are not supported.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineLogFilesExist - Database backup contains incompatible physical layout. Non-online log files exist.\n\n * 400 IncompatiblePhysicalLayoutTooManyNonDataLogFiles - Database backup contains incompatible physical layout. Too many non-data/log files.\n\n * 400 ExternalBackupAlreadySignaledToComplete - The restore request has already been signaled to complete.\n\n * 400 ExternalBackupRestoreHasNotBeenStarted - The restore request can only be completed once the restore has started.\n\n * 400 ExternalBackupUpgradeInProgress - The restore request cannot be completed, since upgrade is in progress.\n\n * 400 IncompatiblePhysicalLayoutTooManyXTPFiles - Database backup contains incompatible physical layout. Multiple files found in the filegroup that contains MEMORY_OPTIMIZED_DATA.\n\n * 400 BlobStorageFailure - Blob storage failure has occurred.\n\n * 400 BackupsFromMultipleDatabasesDetectedInTheContainerFromTheStart - There are backups from multiple databases in the container folder. Please make sure the container folder has backups from a single database.{0}\n\n * 400 ManagedIdentityIssueDetectedFromTheStart - Managed identity is not set up properly. Please verify and try again.\n\n * 400 StorageBrokenIssueDetectedAtTheStart - Storage connection is broken. Please verify and try again.\n\n * 400 StorageBrokenIssueDetectedTerminateRetries - Storage connection is still broken. Please verify and try again.\n\n * 400 BackupSetBroken - Backup set is broken.\n\n * 400 SqlRestoreError - Non retriable error occurred while restoring backup.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 LongTermRetentionMigrationBackupNotFound - LTR backup specified does not exists.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 409 LongTermRetentionMigrationRequestConflict - A conflict operation on this LTR backup is still in progress.\n\n * 409 LongTermRetentionMigrationBackupConflict - Another LTR backup with same backup time for target database exists.\n\n * 409 MiCreateFailedNonDelegatedSubnet - User tried to deploy Managed Instance or Managed Instance pool in subnet that is not delegated to Microsoft.Sql/managedInstances.\n\n * 409 InstancePoolBusy - An instance pool is busy with another ongoing operation\n\n * 409 ConflictingManagedInstanceOperation - An operation is currently in progress for the managed instance.\n\n * 409 BackupRedundancyUpdateAndInstanceRedundancyConflict - The instance is multi-az but backup storage is being updated from zone redundant to non-zone redundant.\n\n * 409 InstanceRedundancyUpdateWhileBackupRedundancyUpdateInProgress - Cannot update instance redundancy because backup storage redundancy update is in progress.\n\n * 409 InstanceRedundancyUpdateAndBackupRedundancyConflict - The backup storage is non-zone redundant but instance redundancy is being updated to zone redundant.\n\n * 409 BackupRedundancyUpdateConflict - Cannot update backup storage redundancy because a backup storage redundancy update is already in progress.\n\n * 409 MiDropFailedOnAuthLocks - User tried to drop last Managed Instance in subnet that has Lock applied on resource(s).\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 412 InstanceNotReadyForBackupRedundancyUpdate - Cannot update backup storage redundancy because the instance is not ready.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 500 LongTermRetentionMigrationRequestCopyFailed - Copy operation failed for LTR backup blobs.\n\n * 500 LongTermRetentionMigrationRestoreVerExceeded - Restore verification failed after max attempts were reached.\n\n * 500 LongTermRetentionMigrationRestoreVerFailed - Restore verification failed.\n\n * 500 LongTermRetentionMigrationRequestFailedToStartOnTarget - Failed to start LTR backup copy request in target region.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -351,7 +351,7 @@ "description": "Successfully canceled move request." }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InvalidResourceManagedDatabaseMoveRequest - Invalid Managed Instance database move request.\n\n * 400 InvalidManagedDatabaseMoveTargetResourceId - Invalid Managed Instance database move target resource ID in the properties.\n\n * 400 InvalidMoveTargetResourceId - The target resource identifier in move request is invalid.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 MismatchingResourceGroupNameWithUrl - The provided resource group name did not match the name in the Url.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 SystemDatabaseUnsupportedOperation - Unsupported operation for system database.\n\n * 400 ManagedInstanceDatabaseCopyOrMoveToInstanceWithOlderVersionEdition - Operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 XtpServerStateMismatch - Both source and target servers do not support memory optimized data.\n\n * 400 ManagedInstanceDatabaseLimitExceeded - This operation cannot start because specified target managed instance '{0}' already has maximum number of user databases.\n\n * 400 ManagedDatabaseGPFileSizeLimitExceeded - Creating a copy of a managed database on different SQL Managed Instance with General Purpose service tier would violate data file size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 ManagedInstanceGPStorageAccountLimitExceeded - Creating a copy of a database on different SQL Managed Instance with General Purpose service tier would violate storage account size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 TargetInsufficientStorage - Attempt to move/restore/copy database on the destination instance with insufficient space.\n\n * 400 BrokenConnectivityBetweenInstances - Database '{0}' operation failed because there is no network connectivity between source instance '{1}' and target instance '{2}'.\n\n * 400 SubnetOverlapBetweenInstances - Database '{0}' operation failed because there is no connectivity between source and target Azure SQL Managed Instance. This is because the target instance subnet has an overlapping address range with the subnet of the source instance.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 CrossTenantOperationNotSupported - Cross tenant operation is not supported.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 CrossResourceOperationNotSupported - Cross resource operation is not supported.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - Invalid request specifying a non-existent resource.\n\n * 404 CrossManagedInstanceDatabaseMovementNotExist - Database movement does not exist.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 InvalidResourceManagedDatabaseMoveRequest - Invalid Managed Instance database move request.\n\n * 400 InvalidManagedDatabaseMoveTargetResourceId - Invalid Managed Instance database move target resource ID in the properties.\n\n * 400 InvalidMoveTargetResourceId - The target resource identifier in move request is invalid.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 MismatchingResourceGroupNameWithUrl - The provided resource group name did not match the name in the Url.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 SystemDatabaseUnsupportedOperation - Unsupported operation for system database.\n\n * 400 ManagedInstanceDatabaseCopyOrMoveToInstanceWithOlderVersionEdition - Operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 XtpServerStateMismatch - Both source and target servers do not support memory optimized data.\n\n * 400 ManagedInstanceDatabaseLimitExceeded - This operation cannot start because specified target managed instance '{0}' already has maximum number of user databases.\n\n * 400 ManagedDatabaseGPFileSizeLimitExceeded - Creating a copy of a managed database on different SQL Managed Instance with General Purpose service tier would violate data file size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 ManagedInstanceGPStorageAccountLimitExceeded - Creating a copy of a database on different SQL Managed Instance with General Purpose service tier would violate storage account size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 TargetInsufficientStorage - Attempt to move/restore/copy database on the destination instance with insufficient space.\n\n * 400 BrokenConnectivityBetweenInstances - Database '{0}' operation failed because there is no network connectivity between source instance '{1}' and target instance '{2}'.\n\n * 400 SubnetOverlapBetweenInstances - Database '{0}' operation failed because there is no connectivity between source and target Azure SQL Managed Instance. This is because the target instance subnet has an overlapping address range with the subnet of the source instance.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 CrossTenantOperationNotSupported - Cross tenant operation is not supported.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 CrossResourceOperationNotSupported - Cross resource operation is not supported.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - Invalid request specifying a non-existent resource.\n\n * 404 CrossManagedInstanceDatabaseMovementNotExist - Database movement does not exist.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -411,7 +411,7 @@ "description": "Successfully completed move request." }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InvalidResourceManagedDatabaseMoveRequest - Invalid Managed Instance database move request.\n\n * 400 InvalidManagedDatabaseMoveTargetResourceId - Invalid Managed Instance database move target resource ID in the properties.\n\n * 400 InvalidMoveTargetResourceId - The target resource identifier in move request is invalid.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 MismatchingResourceGroupNameWithUrl - The provided resource group name did not match the name in the Url.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 SystemDatabaseUnsupportedOperation - Unsupported operation for system database.\n\n * 400 ManagedInstanceDatabaseCopyOrMoveToInstanceWithOlderVersionEdition - Operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 XtpServerStateMismatch - Both source and target servers do not support memory optimized data.\n\n * 400 ManagedInstanceDatabaseLimitExceeded - This operation cannot start because specified target managed instance '{0}' already has maximum number of user databases.\n\n * 400 ManagedDatabaseGPFileSizeLimitExceeded - Creating a copy of a managed database on different SQL Managed Instance with General Purpose service tier would violate data file size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 ManagedInstanceGPStorageAccountLimitExceeded - Creating a copy of a database on different SQL Managed Instance with General Purpose service tier would violate storage account size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 TargetInsufficientStorage - Attempt to move/restore/copy database on the destination instance with insufficient space.\n\n * 400 BrokenConnectivityBetweenInstances - Database '{0}' operation failed because there is no network connectivity between source instance '{1}' and target instance '{2}'.\n\n * 400 SubnetOverlapBetweenInstances - Database '{0}' operation failed because there is no connectivity between source and target Azure SQL Managed Instance. This is because the target instance subnet has an overlapping address range with the subnet of the source instance.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 CrossTenantOperationNotSupported - Cross tenant operation is not supported.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 CrossResourceOperationNotSupported - Cross resource operation is not supported.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - Invalid request specifying a non-existent resource.\n\n * 404 CrossManagedInstanceDatabaseMovementNotExist - Database movement does not exist.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 InvalidResourceManagedDatabaseMoveRequest - Invalid Managed Instance database move request.\n\n * 400 InvalidManagedDatabaseMoveTargetResourceId - Invalid Managed Instance database move target resource ID in the properties.\n\n * 400 InvalidMoveTargetResourceId - The target resource identifier in move request is invalid.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 MismatchingResourceGroupNameWithUrl - The provided resource group name did not match the name in the Url.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 SystemDatabaseUnsupportedOperation - Unsupported operation for system database.\n\n * 400 ManagedInstanceDatabaseCopyOrMoveToInstanceWithOlderVersionEdition - Operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 XtpServerStateMismatch - Both source and target servers do not support memory optimized data.\n\n * 400 ManagedInstanceDatabaseLimitExceeded - This operation cannot start because specified target managed instance '{0}' already has maximum number of user databases.\n\n * 400 ManagedDatabaseGPFileSizeLimitExceeded - Creating a copy of a managed database on different SQL Managed Instance with General Purpose service tier would violate data file size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 ManagedInstanceGPStorageAccountLimitExceeded - Creating a copy of a database on different SQL Managed Instance with General Purpose service tier would violate storage account size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 TargetInsufficientStorage - Attempt to move/restore/copy database on the destination instance with insufficient space.\n\n * 400 BrokenConnectivityBetweenInstances - Database '{0}' operation failed because there is no network connectivity between source instance '{1}' and target instance '{2}'.\n\n * 400 SubnetOverlapBetweenInstances - Database '{0}' operation failed because there is no connectivity between source and target Azure SQL Managed Instance. This is because the target instance subnet has an overlapping address range with the subnet of the source instance.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 CrossTenantOperationNotSupported - Cross tenant operation is not supported.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 CrossResourceOperationNotSupported - Cross resource operation is not supported.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - Invalid request specifying a non-existent resource.\n\n * 404 CrossManagedInstanceDatabaseMovementNotExist - Database movement does not exist.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -471,7 +471,7 @@ "description": "Successfully completed restore request." }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InvalidDatabaseCompleteRestoreRequest - The complete database restore request is invalid\n\n * 400 InvalidDatabaseCompleteRestoreRequestLastBackupName - The last backup name is invalid\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TimeoutDuringRestore - A timeout was encountered while trying to connect to the restore target.\n\n * 400 AutoCompleteMissingLastBackupName - Auto complete restore request must have lastBackupName parameter provided.\n\n * 400 MissingThumbprint - Can not find server certificate.\n\n * 400 BlobStorageServerFailure - Blob storage server failure has occurred.\n\n * 400 BackupSetNotFound - No backups were found to restore the database. Please contact support to restore the database.\n\n * 400 FullBackupNotFound - Full backup can not be found.\n\n * 400 RestoreFromStripedBackupsNotEnabled - Restoring from striped backups is not supported.\n\n * 400 BrokenRestorePlanNoFullBackup - The restore plan is broken because there is no full backup.\n\n * 400 BrokenRestorePlanWrongLogBackupLSN - The restore plan is broken because firstLsn of current log backup is not <= lastLsn of next log backup.\n\n * 400 BrokenRestorePlanWrongDiffBackupLSN - The restore plan is broken because firstLsn of diff backup is not >= firstLsn of full backup.\n\n * 400 BrokenRestorePlanGapInLogBackups - The restore plan is broken because firstLsn of current log backup is not equal to lastLsn of prev log backup.\n\n * 400 TargetServerDoesNotExist - The target server {0} does not exist or is not ready yet. Please check that it exists and retry the restore request.\n\n * 400 TargetServerRestoreNotAllowed - The target server {0} is currently not in a state that allows a restore to be started.\n\n * 400 XtpInitializedDuringRestore - Memory-optimized filegroup must be empty in order to be restored on General Purpose tier of SQL Database Managed Instance.\n\n * 400 FullBackupMissingChecksum - Provided full backup is missing checksum.\n\n * 400 FullBackupDamaged - Provided full backup is damaged.\n\n * 400 MissingStripeInBackupSet - Provided backup set has one or more missing stripes.\n\n * 400 BackupsFromMultipleDatabasesDetectedInTheContainerWhileRestoreInProgress - There are backups from multiple databases in the container folder. Please make sure the container folder has backups from a single database.{0}\n\n * 400 BrokenRestorePlanWrongDiffBaseGUID - The restore plan is broken because DifferentialBaseGuid of diff backup does not match BackupSetGuid of full backup.\n\n * 400 CorruptedPagesInBackupSet - Operation was aborted because RESTORE detected one or more corrupted pages in the backup set.\n\n * 400 ManagedIdentityIssueDetectedWhileRestoreInProgress - Managed identity is not set up properly. Please verify and try again.\n\n * 400 CorruptedPagesListMaintenance - Operation was aborted because an internal error occurred while processing the backup taken without checksum.\n\n * 400 StorageBrokenIssueDetectedWhileInProgress - Storage connection is broken. Retrying automatically...\n\n * 400 PartiallyContainedDatabaseUnsupported - \"Backup for a partially contained database is not supported.\"\n\n * 400 RequiredBackupIsNotLastRestored - Migration cannot be completed because provided backup file name is not the name of the last backup file that is restored.\n\n * 400 ManagedInstanceStorageLimitHit - The managed instance has reached its storage limit.\n\n * 400 IncompatiblePhysicalLayoutTooFewDataFiles - Database backup contains incompatible physical layout. No data files are found in the backup.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineDataFilesExist - Database backup contains incompatible physical layout. Non-online data files exist.\n\n * 400 IncompatiblePhysicalLayoutWrongNumberOfLogFiles - Database backup contains incompatible physical layout. Multiple log files are not supported.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineLogFilesExist - Database backup contains incompatible physical layout. Non-online log files exist.\n\n * 400 IncompatiblePhysicalLayoutTooManyNonDataLogFiles - Database backup contains incompatible physical layout. Too many non-data/log files.\n\n * 400 ExternalBackupAlreadySignaledToComplete - The restore request has already been signaled to complete.\n\n * 400 ExternalBackupRestoreHasNotBeenStarted - The restore request can only be completed once the restore has started.\n\n * 400 ExternalBackupUpgradeInProgress - The restore request cannot be completed, since upgrade is in progress.\n\n * 400 IncompatiblePhysicalLayoutTooManyXTPFiles - Database backup contains incompatible physical layout. Multiple files found in the filegroup that contains MEMORY_OPTIMIZED_DATA.\n\n * 400 BlobStorageFailure - Blob storage failure has occurred.\n\n * 400 BackupsFromMultipleDatabasesDetectedInTheContainerFromTheStart - There are backups from multiple databases in the container folder. Please make sure the container folder has backups from a single database.{0}\n\n * 400 ManagedIdentityIssueDetectedFromTheStart - Managed identity is not set up properly. Please verify and try again.\n\n * 400 StorageBrokenIssueDetectedAtTheStart - Storage connection is broken. Please verify and try again.\n\n * 400 StorageBrokenIssueDetectedTerminateRetries - Storage connection is still broken. Please verify and try again.\n\n * 400 BackupSetBroken - Backup set is broken.\n\n * 400 SqlRestoreError - Non retriable error occurred while restoring backup.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 InvalidDatabaseCompleteRestoreRequest - The complete database restore request is invalid\n\n * 400 InvalidDatabaseCompleteRestoreRequestLastBackupName - The last backup name is invalid\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TimeoutDuringRestore - A timeout was encountered while trying to connect to the restore target.\n\n * 400 AutoCompleteMissingLastBackupName - Auto complete restore request must have lastBackupName parameter provided.\n\n * 400 MissingThumbprint - Can not find server certificate.\n\n * 400 BlobStorageServerFailure - Blob storage server failure has occurred.\n\n * 400 MissingIdentityForAzureKeyVault - Target server does not have an identity to access Azure Key Vault\n\n * 400 BackupSetNotFound - No backups were found to restore the database. Please contact support to restore the database.\n\n * 400 FullBackupNotFound - Full backup can not be found.\n\n * 400 RestoreFromStripedBackupsNotEnabled - Restoring from striped backups is not supported.\n\n * 400 BrokenRestorePlanNoFullBackup - The restore plan is broken because there is no full backup.\n\n * 400 BrokenRestorePlanWrongLogBackupLSN - The restore plan is broken because firstLsn of current log backup is not <= lastLsn of next log backup.\n\n * 400 BrokenRestorePlanWrongDiffBackupLSN - The restore plan is broken because firstLsn of diff backup is not >= firstLsn of full backup.\n\n * 400 BrokenRestorePlanGapInLogBackups - The restore plan is broken because firstLsn of current log backup is not equal to lastLsn of prev log backup.\n\n * 400 TargetServerDoesNotExist - The target server {0} does not exist or is not ready yet. Please check that it exists and retry the restore request.\n\n * 400 TargetServerRestoreNotAllowed - The target server {0} is currently not in a state that allows a restore to be started.\n\n * 400 XtpInitializedDuringRestore - Memory-optimized filegroup must be empty in order to be restored on General Purpose tier of SQL Database Managed Instance.\n\n * 400 FullBackupMissingChecksum - Provided full backup is missing checksum.\n\n * 400 FullBackupDamaged - Provided full backup is damaged.\n\n * 400 MissingStripeInBackupSet - Provided backup set has one or more missing stripes.\n\n * 400 BackupsFromMultipleDatabasesDetectedInTheContainerWhileRestoreInProgress - There are backups from multiple databases in the container folder. Please make sure the container folder has backups from a single database.{0}\n\n * 400 BrokenRestorePlanWrongDiffBaseGUID - The restore plan is broken because DifferentialBaseGuid of diff backup does not match BackupSetGuid of full backup.\n\n * 400 CorruptedPagesInBackupSet - Operation was aborted because RESTORE detected one or more corrupted pages in the backup set.\n\n * 400 ManagedIdentityIssueDetectedWhileRestoreInProgress - Managed identity is not set up properly. Please verify and try again.\n\n * 400 CorruptedPagesListMaintenance - Operation was aborted because an internal error occurred while processing the backup taken without checksum.\n\n * 400 StorageBrokenIssueDetectedWhileInProgress - Storage connection is broken. Retrying automatically...\n\n * 400 PartiallyContainedDatabaseUnsupported - \"Backup for a partially contained database is not supported.\"\n\n * 400 RequiredBackupIsNotLastRestored - Migration cannot be completed because provided backup file name is not the name of the last backup file that is restored.\n\n * 400 ManagedInstanceStorageLimitHit - The managed instance has reached its storage limit.\n\n * 400 IncompatiblePhysicalLayoutTooFewDataFiles - Database backup contains incompatible physical layout. No data files are found in the backup.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineDataFilesExist - Database backup contains incompatible physical layout. Non-online data files exist.\n\n * 400 IncompatiblePhysicalLayoutWrongNumberOfLogFiles - Database backup contains incompatible physical layout. Multiple log files are not supported.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineLogFilesExist - Database backup contains incompatible physical layout. Non-online log files exist.\n\n * 400 IncompatiblePhysicalLayoutTooManyNonDataLogFiles - Database backup contains incompatible physical layout. Too many non-data/log files.\n\n * 400 ExternalBackupAlreadySignaledToComplete - The restore request has already been signaled to complete.\n\n * 400 ExternalBackupRestoreHasNotBeenStarted - The restore request can only be completed once the restore has started.\n\n * 400 ExternalBackupUpgradeInProgress - The restore request cannot be completed, since upgrade is in progress.\n\n * 400 IncompatiblePhysicalLayoutTooManyXTPFiles - Database backup contains incompatible physical layout. Multiple files found in the filegroup that contains MEMORY_OPTIMIZED_DATA.\n\n * 400 BlobStorageFailure - Blob storage failure has occurred.\n\n * 400 BackupsFromMultipleDatabasesDetectedInTheContainerFromTheStart - There are backups from multiple databases in the container folder. Please make sure the container folder has backups from a single database.{0}\n\n * 400 ManagedIdentityIssueDetectedFromTheStart - Managed identity is not set up properly. Please verify and try again.\n\n * 400 StorageBrokenIssueDetectedAtTheStart - Storage connection is broken. Please verify and try again.\n\n * 400 StorageBrokenIssueDetectedTerminateRetries - Storage connection is still broken. Please verify and try again.\n\n * 400 BackupSetBroken - Backup set is broken.\n\n * 400 SqlRestoreError - Non retriable error occurred while restoring backup.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -585,7 +585,7 @@ "description": "Successfully started move request." }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InvalidManagedInstanceBackupMode - Invalid Managed Instance backup mode in the properties.\n\n * 400 InvalidManagedInstanceCompleteMode - Invalid Managed Instance complete mode in the properties.\n\n * 400 InvalidResourceManagedDatabaseMoveRequest - Invalid Managed Instance database move request.\n\n * 400 InvalidManagedDatabaseMoveTargetResourceId - Invalid Managed Instance database move target resource ID in the properties.\n\n * 400 InvalidMoveTargetResourceId - The target resource identifier in move request is invalid.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 MismatchingResourceGroupNameWithUrl - The provided resource group name did not match the name in the Url.\n\n * 400 ManagedDatabaseMoveSourceAndTargetNameDoNotMatch - The specified database name '{0}' at the source instance and the specified database name '{1}' at the destination instance must be the same.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 SystemDatabaseUnsupportedOperation - Unsupported operation for system database.\n\n * 400 ManagedInstanceDatabaseCopyOrMoveToInstanceWithOlderVersionEdition - Operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 XtpServerStateMismatch - Both source and target servers do not support memory optimized data.\n\n * 400 ManagedInstanceDatabaseLimitExceeded - This operation cannot start because specified target managed instance '{0}' already has maximum number of user databases.\n\n * 400 ManagedDatabaseGPFileSizeLimitExceeded - Creating a copy of a managed database on different SQL Managed Instance with General Purpose service tier would violate data file size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 ManagedInstanceGPStorageAccountLimitExceeded - Creating a copy of a database on different SQL Managed Instance with General Purpose service tier would violate storage account size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 TargetInsufficientStorage - Attempt to move/restore/copy database on the destination instance with insufficient space.\n\n * 400 BrokenConnectivityBetweenInstances - Database '{0}' operation failed because there is no network connectivity between source instance '{1}' and target instance '{2}'.\n\n * 400 SubnetOverlapBetweenInstances - Database '{0}' operation failed because there is no connectivity between source and target Azure SQL Managed Instance. This is because the target instance subnet has an overlapping address range with the subnet of the source instance.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 CrossTenantOperationNotSupported - Cross tenant operation is not supported.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 CrossResourceOperationNotSupported - Cross resource operation is not supported.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 ElasticPoolOverStorageUsage - Attempting to write data to a database when the storage limit of the elastic pool has been reached.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 SourceDatabaseEncryptionProtectorKeyUriRequiredForPerDatabaseCMKCopyOrReplication - Geo secondary database missing AKV of geo primary database\n\n * 400 LtrPoolRestoreNoTargetSlo - Unable to determine target service level objective. If restoring from a long-term retention backup of a database that was in an elastic pool, either target elastic pool name or target service level objective must be supplied. If the source database was dropped, use Azure Powershell to specify the target service level objective.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 CannotMoveOrDropJobAccountDatabase - Cannot drop database associated with job account.\n\n * 400 JobAgentDatabaseEditionUnsupported - The specified database's service level objective is not supported for use as a job agent database.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 InvalidMaxSizeTierCombination - The specified tier does not support the specified database max size.\n\n * 400 InvalidTier - The user specified an invalid tier.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 CannotUpdateIsLedgerDatabase - The ledger property of an existing database cannot be updated.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 ChangeUnsupportedOnEntity - User attempted an unsupported create/update/delete operation on a given entity.\n\n * 400 UpdateNotAllowedInCurrentReplicationState - The operation is disallowed on the database in its current replication state.\n\n * 400 GeoReplicaLimitReached - The per-replica replication limit was reached.\n\n * 400 ReplicationSourceAndTargetMustHaveSameName - The replication source and target databases must have the same name.\n\n * 400 ReplicationSourceAndTargetMustBeInDifferentServers - The replication source and target databases must be in different logical servers.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 InvalidDatabaseCreateMode - Invalid request to create a database.\n\n * 400 TierChangeUnsupportedDueToMemoryOptimizedObject - The database cannot update its sku because it has memory-optimized objects.\n\n * 400 PartnerDBNotCompatibleForSGXEnclave - Attempt to set GeoDR link or update SLO for enclave enabled database is only supported when both database are running on DC-series hardware.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 TierChangeUnsupportedDueToCDCEnabledDatabase - The database cannot update its sku because it is enabled for CDC.\n\n * 400 IsLedgerDatabaseIsNotSupportedOnResourceType - Changing the ledger property is not supported for this resource type.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 InvalidTierSkuCombination - The specified tier does not support the specified sku.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 OfferDisabledOnSubscription - Subscription offer type is restricted from provisioning the requested resource.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PartnerServerNotCompatible - The user is attempting to copy a database from a SAWA V1 server to a Sterling server or vice versa.\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 UnableToCreateGeoChain - User attempted to create secondary database (chaining) even though automatic upload of ledger digests has been configured\n\n * 400 TargetElasticPoolDoesNotExist - The elastic pool does not exist on a server.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 ElasticPoolSkuCombinationInvalid - Elastic pool and sku can be specified together only if sku is specified as 'ElasticPool'.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 ElasticPoolTierCombinationInvalid - The database tier is different than the elastic pool service tier.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 ElasticPoolNameRequired - User tried to create or update database to elastic pool service objective without specifying the name of the elastic pool.\n\n * 400 InvalidReadScaleEdition - User attempted to enable read scale on a database type that does not support it.\n\n * 400 InvalidReadScaleUnits - User attempted to provide a read scale value that is not supported.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 GeoSecondaryMaxSizeUpdateFailed - The geo-secondary database is of a SLO that does not support the requested maxsize value or the geo-secondary is in an unsupported region or an update operation is already in progress on the geo-secondary database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 ElasticPoolInconsistentDtuGuaranteeSettings - Attempting to provide DTU min for databases in the elastic pool that exceeds requested DTUs of the elastic pool.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 ElasticPoolDatabaseCountOverLimit - Attempting to create or add database to elastic pool when the database count limit of the elastic pool has been reached.\n\n * 400 RequestedDatabaseSizeRequiresShrink - User attempted to ALTER DATABASE MODIFY MAXSIZE to modify the MAXSIZE for a database to a smaller size then the current size.\n\n * 400 CannotChangeToOrFromDataWarehouseTier - User attempted to change the sku of a database from DataWarehouse tier to non DataWarehouse tiers or vice versa.\n\n * 400 CurrentDatabaseSizeExceedsDbMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 ElasticPoolDecreaseStorageLimitBelowUsage - Attempting to decrease the storage limit of the elastic pool below its storage usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 UpdateNotAllowedOnPausedDatabase - User attempted to perform an update on a paused database.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 DatabaseNameInUse - Database already exists. Choose a different database name.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SourceDatabaseEditionCouldNotBeUpgraded - The source database cannot have higher edition than the target database.\n\n * 400 TargetDatabaseEditionCouldNotBeDowngraded - The target database cannot have lower edition than the source database.\n\n * 400 UpdateNotAllowedIfGeoDrOperationInProgress - The operation is disallowed because copy or failover operation for database '{0}' on server '{1}' is currently in progress.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 ElasticPoolOverFileSpace - Insufficient file space in the elastic pool.\n\n * 400 InvalidLicenseType - User tried to create or update a database or elastic pool with unsupported license type.\n\n * 400 UnsupportedCapacity - User tried to create or update database with capacity which is not supported.\n\n * 400 RestoreToFreeEditionNotSupported - Restore and GeoRestore target cannot be free database.\n\n * 400 RestoreNotSupportedForFreeEdition - Restore and GeoRestore are not supported for free database.\n\n * 400 InvalidDroppedDatabase - Source database dropped does not exist on server within the supported recovery period.\n\n * 400 InvalidLiveDatabase - Source database does not exist on server within the supported recovery period. If restoring a dropped database, please specify its deletion date.\n\n * 400 InvalidVldbRecoverySlo - The Hyperscale edition recovery requires both source and target databases to use Hyperscale service level objective.\n\n * 400 CannotUpdateToFreeDatabase - Updating a database to the free sku is not supported.\n\n * 400 InvalidVldbRestoreSlo - The Hyperscale edition Point-In-Time restore requires both source and target databases to use Hyperscale service level objective.\n\n * 400 CannotSpecifyPoolOrSlo - Specifying an elastic pool and/or changing the service level objective or edition is not supported for edition.\n\n * 400 InvalidBackupStorageAccountType - User passed zrs/lrs during create/update of a database but it failed either because the customer is not whitelisted or because zrs is not available in the specified region.\n\n * 400 DatabaseInvalidSkuPropertyCombination - The properties of the requested sku are inconsistent. Please check that a valid combination is specified. See https://docs.microsoft.com/en-us/rest/api/sql/capabilities/listbylocation#serviceobjectivecapability for more details.\n\n * 400 DatabaseNamedReplicaPerDatabaseLimitExceeded - User tried create a named replica that would exceed the allowed number per primary database\n\n * 400 UnsupportedBackupStorageRedundancyForEdition - The requested backup storage redundancy is not supported for edition\n\n * 400 DatabaseIsCurrentlyPinned - Microsoft has pinned your database SQL Server engine version. To ensure your database does not hit production issues, any future scale operations on your database will be blocked until it has been un-pinned. Please contact Microsoft support for assistance with scaling.\n\n * 400 RestoreTargetEditionSizeInsufficient - User attempted to restore a database to an edition that is a smaller size than the current allocated size of the source.\n\n * 400 DatabaseCreationBlockedForNonActivatedCMKServer - SQL Pool creations are blocked for CMK enabled workspaces until the workspace is activated. First, enable purge protection and grant the workspace Managed Identity the required permissions (Get, Wrap Key, Unwrap Key) on the Azure Key Vault of the workspace key. Next, activate your workspace after you have granted access.\n\n * 400 InvalidIdentityId - One or more identity id(s) provided are not valid ARM resource id(s). Please input valid id(s) and try again.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 InvalidNumberOfIdentities - Only one user assigned managed identity is supported at the Database Level.\n\n * 400 NoRestorePointAvailable - The source database has not yet accomplished its first backup in order to support restore operations. Please retry the restore request later.\n\n * 400 DatabaseNamedReplicaChainingNotAllowed - User tried to create a named replica of a named replica which is not allowed.\n\n * 400 DatabaseNamedReplicaInvalidOperation - User attempted an unsupported operation on a named replica.\n\n * 400 DatabaseNamedReplicaInvalidSourceDatabase - User attempted to create a named replica in a different subscription or region than the source database.\n\n * 400 DatabaseNamedReplicaSourceDatabaseNotZoneRedundant - Zone Redundancy cannot be enabled on this Named Replica since the primary Hyperscale Database is not zone redundant.\n\n * 400 CannotAssignIdentityToMaster - Cannot assign an identity to a system database. Database identity cannot be assigned to 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 CrossTierDatabaseOperationNotSupported - Operation not supported.\n\n * 400 MissingThumbprintCrm - The restore operation of a CRM database failed because a required TDE certificate was missing. Please retry the restore operation to an existing elastic pool.\n\n * 400 ElasticPoolOverStorage - Attempting to write data to a database when the storage limit of the elastic pool has been reached.\n\n * 400 RestoreTargetEditionSizeInsufficientV2 - User attempted to restore a database to an edition that is a smaller size than the allocated size of the restored database.\n\n * 400 ResourcePoolStorageLimitHitDuringRestore - The restored database can't be restored into the resource pool due to the remaining storage capacity in the pool.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 PerDatabaseCMKGeoReplicationNotSupported - Geo Replication and Database Copy is not supported when Database-level CMK is configured in preview.\n\n * 400 InvalidStandbyGeoEdition - User attempted to create a DTU based standby geo.\n\n * 400 ElasticPoolInconsistentVcoreGuaranteeSettings - The number of databases and VCore min per database cannot exceed requested VCores of the elastic pool.\n\n * 400 GeoRestoreBackupStorageTypeNotSupported - Database recovery requests are invalid when issued against a database that is not configured to use geo-redundant backup storage.\n\n * 400 RestoreHyperscaleToNonHyperscale - Restoring a Hyperscale database backup to a non-Hyperscale service tier or vice versa is not supported.\n\n * 400 SubscriptionDoesNotHaveAccessToServer - The subscription does not have access to the specified server(s)\n\n * 400 RecoveryPointDoesNotExist - The specified recovery point either does not exist or is not valid.\n\n * 400 LtrBackupNotFound - The specified long term retention backup does not exist.\n\n * 400 InvalidPointInTime - The specified point in time is not valid for the database.\n\n * 400 GeoRestoreCannotResolveTargetCluster - Cannot resolve target cluster for server\n\n * 400 CannotSpecifyEditionOrSloWhenRestoringToPool - Specifying the target service level objective or edition is not supported when restoring to an elastic pool.\n\n * 400 RestoreNotSupportedForGeoDrSecondary - Point-in-time restore and database recovery operations are not supported on databases that are currently configured as geo-secondaries.\n\n * 400 DatabaseNamedReplicaBackupRetentionConfigurationNotSupported - User attempted configuring backup retention policy on a Named Replica.\n\n * 400 GeoRedundantBackupsNotPermittedForSubscription - Geo-redundant backup storage is blocked for all databases under subscription '{0}' by preview feature 'Azure SQL Database Block Geo-redundant Backup Storage'. Please select a different backup storage redundancy.\n\n * 400 RestoreHyperscaleToNonHyperscaleElasticPool - Restoring a Hyperscale database to an elastic pool which is not Hyperscale or restoring a database which is not Hyperscale to a Hyperscale elastic pool is not supported.\n\n * 400 RestoreIneligibleDatabaseName - The specified target database name, '{0}', is reserved and cannot be used in a restore operation.\n\n * 400 RestoreNotSupportedForSystemDb - Restore and database recovery are not supported for system databases.\n\n * 400 RestoreIneligibleDroppedDatabaseShortLifespan - The source database, '{0}', dropped on '{1}', has not existed long enough to support restores.\n\n * 400 RestoreIneligibleLiveDatabaseShortLifespan - The source database, '{0}', has not yet accomplished its first backup in order to support restore operations. Please wait until at least the indicated earliest restore date '{1}' and resubmit the request.\n\n * 400 RestoreCrossServerDisabled - For point-in-time restores, the target logical server must be the same as the source logical server. Consider restoring to the source database's server, or using database copy or database recovery.\n\n * 400 RestoreSameServerRecoveryDisabled - Same-server recovery is currently not supported. Consider using point-in-time restore or recovering to a different server.\n\n * 400 RestoreNotSupportedFromLtrBackupToEdition - Restore from long-term retention backup to '{0}' edition not supported.\n\n * 400 RestoreNotSupportedFromExternalBackupToEdition - Restore from external backup to '{0}' edition not supported.\n\n * 400 UpdateToServerlessIfLtrIsNotDisabled - Enabling auto-pause for a serverless database is not supported if long-term backup retention is enabled.\n\n * 400 DuplicateRestoreOperation - A restore request with the same target database name '{0}' on server '{1}' already exists.\n\n * 400 ExternalBackupUriMalformed - The external backup storage container URI is malformed.\n\n * 400 ExternalBackupUriHostNotAllowed - The host name for the external backup storage container URI is not allowed.\n\n * 400 ExternalBackupUriInvalidSchemeOrPort - The external backup storage container URI uses an invalid scheme or port. Please use https and port 443.\n\n * 400 ExternalBackupVldbUnsupported - Hyperscale does not support external backup restore requests.\n\n * 400 CannotMoveOrDropSyncMetadataDatabase - Cannot drop database used as sync metadata database.\n\n * 400 InvalidPitrPriorToVldbMigration - For database '{0}', specified point-in-time '{1}' is prior to the Hyperscale migration time of '{2}'. Please specify a target edition or service level objective which is not Hyperscale when restoring to a point earlier than the Hyperscale migration.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 BlockRestoreOnVldbGeoSecondary - Restore of Hyperscale database where source database is geo-secondary is not allowed.\n\n * 400 BackupSetNotFound - No backups were found to restore the database. Please contact support to restore the database.\n\n * 400 IncorrectAccessToAzureKeyVault - Target server does not have access to all AKV Uris created during the backup time.\n\n * 400 RestoreFailureSqlInstanceUnhealthy - Unable to connect to the instance in order to perform restore operation.\n\n * 400 BackupSetBroken - Backup set is broken.\n\n * 400 TimeoutDuringRestore - A timeout was encountered while trying to connect to the restore target.\n\n * 400 BrokenRestorePlanGapInLogBackups - The restore plan is broken because firstLsn of current log backup is not equal to lastLsn of prev log backup.\n\n * 400 FullBackupMissingChecksum - Provided full backup is missing checksum.\n\n * 400 RequiredBackupIsNotLastRestored - Migration cannot be completed because provided backup file name is not the name of the last backup file that is restored.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineDataFilesExist - Database backup contains incompatible physical layout. Non-online data files exist.\n\n * 400 IncompatiblePhysicalLayoutWrongNumberOfLogFiles - Database backup contains incompatible physical layout. Multiple log files are not supported.\n\n * 400 BackupSetNotFoundRecentPit - No backups were found to restore the database to the specified point in time. Please retry the operation. If the problem persists, contact support to restore the database.\n\n * 400 InvalidPublicMaintenanceConfiguration - User tried to specify public maintenance configuration which cannot be converted to internal id (malformed or wrong region).\n\n * 400 MaintenanceWindowNotSupportedForNamedReplica - User tried to create or update named replica with non-default maintenance window which is not supported.\n\n * 400 InvalidStandbyGeoReadScale - User attempted to enable read scale on a standby geo database that does not support it.\n\n * 400 PerDatabaseCMKKeyRotationAttemptedWhileOldThumbprintInUse - Key Rotation for the TDE Protector at the database level is blocked when active transactions are holding up the log encrypted with old keys. Please refer to aka.ms/azuresqldbkeyrotation for possible strategies to workaround this issue.\n\n * 400 PerDBCMKNotSupportedWithLTR - Database-level CMK is not supported when Long-term Backup Retention is enabled on the database.\n\n * 400 VBSEnclaveNotSupportedForDW - The preferredEnclaveType is not supported for dedicated SQL Pools.\n\n * 400 VBSEnclaveNotSupportedForDCSeriesSLO - Configuring the 'VBS' preferredEnclaveType for databases using the DC-series hardware configuration is not supported. DC-series databases are pre-configured with Intel SGX enclaves. Virtualization based security (VBS) enclaves are not supported.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutDatabaseLevelEncryptionProtector - Database-level encryption protector must be set on the target database while attempting to copy or replicate a database encrypted with a database level key.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 PerDatabaseCMKGeoPrimaryIsNotConfiguredWithDatabaseLevelEncryptionProtector - The geo-primary database must be configured with a database level encryption protector before setting a database level encryption protector on the geo-secondary.\n\n * 400 ElasticJobsNotSupportedOnAutoPauseEnabledDatabase - Auto-pause enabled serverless database is not supported as an Elastic Jobs database because job agent would prevent that database from pausing. You can either disable auto-pause on this serverless database or delete the job agent that is using this database. See here for more details: https://docs.microsoft.com/azure/azure-sql/database/serverless-tier-overview#auto-pausing\n\n * 400 VBSEnclaveNotSupportedForGeoReplicationWithDefaultEnclave - Configuring geo-replication is not supported for databases using different values of the preferredEnclaveType property. The primary '{0}' database on the '{1}' server uses the '{2}' preferredEnclaveType, whereas the specified preferredEnclaveType for the secondary '{3}' database on the '{4}' server is '{5}'.\n\n * 400 VBSEnclaveNotSupportedForPlannedFailoverBetweenDatabasesWithDifferentPreferredEnclaveTypes - Planned failover between primary and secondary database with different preferredEnclaveType is not supported for Virtualization-based security (VBS) enclaves.\n\n * 400 PerDatabaseCMKGeoPrimaryIsConfiguredWithDatabaseLevelEncryptionProtector - The geo-primary database must not be configured with a database level encryption protector when failing over to a geo-secondary without a database level encryption protector.\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 VBSEnclaveResourcePoolInvalidCombination - Adding a database with '{0}' preferredEnclaveType to an elastic pool '{1}' with '{2}' preferredEnclaveType is not supported. \nBefore adding the database to the elastic pool, ensure that the preferredEnclaveType is the same for both the database and the elastic pool. More information can be found on https://aka.ms/AlwaysEncryptedEnableSecureEnclaves\n\n * 400 MissingAsymmetricKeyOnTargetServer - Target server does not have access to an asymmetric key.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 MultipleDroppedDatabasesWithTheSameName - Found multiple dropped databases with the same name on server.\n\n * 400 AzureKeyVaultClientError - The Azure Key Vault client encountered an error.\n\n * 400 AzureKeyVaultClientInfoError - An error occurred while obtaining information for the Azure Key Vault client.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 UnsupportedBackupStorageRedundancy - Specified Backup Storage Redundancy is not supported in target region.\n\n * 400 LTRSterlingToVldbMigrationNotSupported - Cannot change service objective for database to Hyperscale as long-term retention is not yet supported on Hyperscale. Please disable long-term retention on the database and retry.\n\n * 400 HyperscaleReverseMigrationNotSupported - Reverse migration of a Hyperscale database to Sterling hit an unsupported scenario.\n\n * 400 UpdateSloOperationIdDoesNotExist - The action failed because no active update-slo operation detected for server: {0}, database: {1};. Please retry the operation by specifying valid parameters.\n\n * 400 ManualCutoverUnsupported - Invalid use of manual-cutover option. Please check current and requested service objective and retry the operation by specifying valid parameters.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - Invalid request specifying a non-existent resource.\n\n * 404 CrossManagedInstanceDatabaseMovementNotExist - Database movement does not exist.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 409 DedicatedSqlPoolCreationBlockedForServerInNsp - Create and restore operations for SQL dedicated pools (formerly SQL DW) are not supported on servers within a network security perimeter. For more information, see https://go.microsoft.com/fwlink/?linkid=2324168.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidOperationForDatabaseInReplicationRelationship - A replication seeding operation was performed on a database that is already in a replication relationship.\n\n * 409 FreeDbAlreadyExists - Only one free database can exist for a subscription per region.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 SkuAssignmentInProgress - The current assignment request cannot be processed because a previous request has not completed.\n\n * 409 CurrentMemoryUsageExceedsSkuQuota - User attempted an sku update operation that cannot be completed due to the higher resource consumption.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 ServerDtuQuotaExceeded - Could not perform the operation because server would exceed the allowed Database Throughput Unit quota.\n\n * 409 UpdateSloFailedDatabaseTooBusy - Update SLO operation could not complete because database was too busy.\n\n * 409 UnableToAlterDatabaseInReplication - User altered edition on a database in a replication relationship.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 ElasticPoolBusy - A management operation was attempted on an elastic pool which is busy.\n\n * 409 SimultaneousSkuChangeNotAllowed - Service objective change operations cannot run on both databases of a replication relationship at the same time.\n\n * 409 TargetElasticPoolBeingUpdated - The update of elastic pool cannot be started because there is copy operation in progress for one of the databases in this elastic pool\n\n * 409 DatabaseCopyLimitPerReplicaReached - User reached the limit of concurrent database copies.\n\n * 409 ConflictRequestToUpdateBackupRedundancy - A conflict request to change backup storage redundancy is still in progress.\n\n * 409 DatabaseElasticPoolMaintenanceConflict - User tried to create or update a database with a specified maintenance configuration that conflicted with that of the elastic pool of the database.\n\n * 409 SubscriptionVcoreQuotaExceeded - Could not perform the operation because subscription would exceed the allowed vCore quota.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 InvalidManagedInstanceBackupMode - Invalid Managed Instance backup mode in the properties.\n\n * 400 InvalidManagedInstanceCompleteMode - Invalid Managed Instance complete mode in the properties.\n\n * 400 InvalidResourceManagedDatabaseMoveRequest - Invalid Managed Instance database move request.\n\n * 400 InvalidManagedDatabaseMoveTargetResourceId - Invalid Managed Instance database move target resource ID in the properties.\n\n * 400 InvalidMoveTargetResourceId - The target resource identifier in move request is invalid.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 MismatchingResourceGroupNameWithUrl - The provided resource group name did not match the name in the Url.\n\n * 400 ManagedDatabaseMoveSourceAndTargetNameDoNotMatch - The specified database name '{0}' at the source instance and the specified database name '{1}' at the destination instance must be the same.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPrimary - The given primary field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidPartner - The given partners field in create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestDuplicatePartner - One or more of the provided partner servers are already part of the instance failover group. Please make sure the primary server and all of the given partner servers are unique.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidManagedInstanceRegion - The provided partner managed instance region in the instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPartnerCount - Only one partner region is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestUnsupportedPairCount - Only one managed instance pair is supported.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpoint - The readWriteEndpoint field is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalid - The create or update instance failover group request body is empty or invalid.\n\n * 400 InstanceFailoverGroupUpdateOrDeleteRequestOnSecondary - Modifications to the instance failover group are not allowed on a secondary server. Execute the request on the primary server.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestNegativeGracePeriodValues - Grace period value for the read-write endpoint must be non-negative.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestLessThanMinimumGracePeriodValues - Grace period value for the instance failover group must be greater than or equal to the '{0}' minutes minimum grace period\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFields - The property failoverWithDataLossGracePeriodMinutes must be provided when failover policy Automatic is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteFailoverPolicy - The failoverPolicy field for the read-write endpoint is required for create or update requests.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestInvalidReadWriteEndpointFieldsForManualPolicy - Grace period value should not be provided when failover policy Manual is selected for the read-write endpoint.\n\n * 400 InstanceFailoverGroupCreateOrUpdateRequestReadOnlyPropertyModified - The create or update instance failover group request body should not modify the read-only property '{0}'.\n\n * 400 InstanceFailoverGroupFailoverRequestOnPrimary - The failover request should be initiated on the secondary server of instance failover group.\n\n * 400 InstanceFailoverGroupPartnerManagedInstanceFromDifferentSubscription - Primary server and the partner server of failover group are from different subscriptions. Cross subscription for servers of failover group is not allowed.\n\n * 400 SystemDatabaseUnsupportedOperation - Unsupported operation for system database.\n\n * 400 ManagedInstanceDatabaseCopyOrMoveToInstanceWithOlderVersionEdition - Operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 XtpServerStateMismatch - Both source and target servers do not support memory optimized data.\n\n * 400 ManagedInstanceDatabaseLimitExceeded - This operation cannot start because specified target managed instance '{0}' already has maximum number of user databases.\n\n * 400 ManagedDatabaseGPFileSizeLimitExceeded - Creating a copy of a managed database on different SQL Managed Instance with General Purpose service tier would violate data file size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 ManagedInstanceGPStorageAccountLimitExceeded - Creating a copy of a database on different SQL Managed Instance with General Purpose service tier would violate storage account size limit. See: 'https://docs.microsoft.com/azure/azure-sql/managed-instance/resource-limits#service-tier-characteristics'.\n\n * 400 TargetInsufficientStorage - Attempt to move/restore/copy database on the destination instance with insufficient space.\n\n * 400 BrokenConnectivityBetweenInstances - Database '{0}' operation failed because there is no network connectivity between source instance '{1}' and target instance '{2}'.\n\n * 400 SubnetOverlapBetweenInstances - Database '{0}' operation failed because there is no connectivity between source and target Azure SQL Managed Instance. This is because the target instance subnet has an overlapping address range with the subnet of the source instance.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 CrossTenantOperationNotSupported - Cross tenant operation is not supported.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 CrossResourceOperationNotSupported - Cross resource operation is not supported.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ServerEditionMismatch - Edition must be the same as the primary server when creating a replica server.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 CloudLifterFogInaccessibleDbRoleMismatch - Unable to make database {0} on SQL Managed Instance {1} accessible because the instance role in failover group changed from {2} to {3} while the database was in the inaccessible state. Please restore the original database role by executing geo-failover and try again.\n\n * 400 CloudLifterGeodrBlocksDbActivate - Unable to make database {0} on SQL Managed Instance {1} accessible due to ongoing geodr operation. Please wait until the conflicting operation completes and try again.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 PlannedFailoverTimedOutForDatabase - User invoked planned failover, it timed out, and a specific database appears to be to blame.\n\n * 400 PlannedFailoverTimedOut - User invoked planned failover, and it timed out while trying to contact the partner management service.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidFailoverGroupRegion - Servers specified in an Instance Failover Group need to reside in different regions to provide isolation.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 InstanceFailoverGroupNotSecondary - Failover cannot be initiated from the primary server in a instance failover group.\n\n * 400 ManagedInstanceGeoDRNotAllowedForInstancePool - Creating auto-failover group (GeoDR) is not supported for Managed Instances provisioned inside instance pools. Auto failover groups can be created only for standalone Managed Instances.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceEstablishingFailoverGroupGeoPrimaryWithNewerVersionEditionThanSecondary - Failover group cannot be created because database format of the primary instance is not compatible with the database format of the secondary instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFailoverInFailoverGroupInstancesWithDifferentVersionEditions - Failover operation cannot be performed because of database format mismatch between the instances in the failover group. Consider upgrading the database format of the primary instance or deleting the failover group to promote current secondary instance to a stand-alone instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 ManagedInstanceNotAllowedInGeoDRSetupWhenFreemium - Deploying failover group is not supported with the free Azure SQL Managed Instance offer.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 ManagedInstanceGeoFailoverCannotBeExecuted - Managed Instance geo-failover cannot be executed at this time. Reason: '{0}'.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 GeoReplicationDatabaseNotSecondary - The operation expects the database to be a replication target.\n\n * 400 ManagedInstanceUpdateSloOngoing - The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\n\n * 400 FailoverGroupRegionMismatch - Partner region specified in Failover Group need to match the region of the partner managed instance indicated.\n\n * 400 DnsZoneMismatch - The DNSZone on the partner server is different from the DNSZone on the source server. This breaks InstanceFailoverGroup functionality.\n\n * 400 GeoDrInstanceSizeMismatch - Primary managed instance and partner managed instance do not have the same storage size.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 GeoDrSecondaryInstanceNotEmpty - Secondary managed instance has user databases. To create an instance failover group the secondary managed instance needs to be empty.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 InstanceFailoverGroupIncorrectNetworkingConfiguration - Networking configuration is incorrect. Primary server's replication traffic cannot reach secondary server.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedDatabaseNameInUse - Database '{0}' already exists. Choose a different database name.\n\n * 400 PitrPointInTimeInvalid - The point in time {0} is not valid. Valid point in time range from {1} days early to now and not before source server creation time.\n\n * 400 NoMoreSpaceInManagedInstance - The managed instance has reached its storage limit. The storage usage for the managed instance cannot exceed (%d) MBs.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 StorageAccountFull - Managed Instance has reached the total capacity of underlying Azure storage account. Azure Premium Storage account is limited to 35TB of allocated space.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 InvalidBackupRetentionPeriod - The retention days of {0} is not a valid configuration. Valid backup retention in days must be between {1} and {2}\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 DatabaseNumberLimitReached - Maximum number of databases for SQL Database Managed Instance reached.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 ManagedInstanceRestoreToInstanceWithOlderVersionEdition - Restore operation cannot be performed because database format of the source instance is not compatible with the database format of the destination instance. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 ElasticPoolOverStorageUsage - Attempting to write data to a database when the storage limit of the elastic pool has been reached.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 SourceDatabaseEncryptionProtectorKeyUriRequiredForPerDatabaseCMKCopyOrReplication - Geo secondary database missing AKV of geo primary database\n\n * 400 LtrPoolRestoreNoTargetSlo - Unable to determine target service level objective. If restoring from a long-term retention backup of a database that was in an elastic pool, either target elastic pool name or target service level objective must be supplied. If the source database was dropped, use Azure Powershell to specify the target service level objective.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 CannotMoveOrDropJobAccountDatabase - Cannot drop database associated with job account.\n\n * 400 JobAgentDatabaseEditionUnsupported - The specified database's service level objective is not supported for use as a job agent database.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 InvalidMaxSizeTierCombination - The specified tier does not support the specified database max size.\n\n * 400 InvalidTier - The user specified an invalid tier.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 CannotUpdateIsLedgerDatabase - The ledger property of an existing database cannot be updated.\n\n * 400 InvalidCollation - Collation is not recognized by the server.\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 RemoteDatabaseCopyPermission - User does not have sufficient permission to create a database copy on the specified server.\n\n * 400 SourceDatabaseNotFound - The source database does not exist.\n\n * 400 ChangeUnsupportedOnEntity - User attempted an unsupported create/update/delete operation on a given entity.\n\n * 400 UpdateNotAllowedInCurrentReplicationState - The operation is disallowed on the database in its current replication state.\n\n * 400 GeoReplicaLimitReached - The per-replica replication limit was reached.\n\n * 400 ReplicationSourceAndTargetMustHaveSameName - The replication source and target databases must have the same name.\n\n * 400 ReplicationSourceAndTargetMustBeInDifferentServers - The replication source and target databases must be in different logical servers.\n\n * 400 SourceServerNotFound - The server part of a source database id provided in a CreateDatabaseAsCopy API call doesn't map to an existing server.\n\n * 400 InvalidDatabaseCreateMode - Invalid request to create a database.\n\n * 400 TierChangeUnsupportedDueToMemoryOptimizedObject - The database cannot update its sku because it has memory-optimized objects.\n\n * 400 PartnerDBNotCompatibleForSGXEnclave - Attempt to set GeoDR link or update SLO for enclave enabled database is only supported when both database are running on DC-series hardware.\n\n * 400 InvalidAddSecondaryPermission - User does not have sufficient permission to add secondary on the specified server.\n\n * 400 UnsupportedServiceName - The specified name is an invalid name because it contains one or more unsupported unicode characters.\n\n * 400 CurrentDatabaseLogSizeExceedsMaxSize - User attempted to change the database to a sku with lower max log size than the current usage.\n\n * 400 TierChangeUnsupportedDueToCDCEnabledDatabase - The database cannot update its sku because it is enabled for CDC.\n\n * 400 IsLedgerDatabaseIsNotSupportedOnResourceType - Changing the ledger property is not supported for this resource type.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 InvalidTierSkuCombination - The specified tier does not support the specified sku.\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 OfferDisabledOnSubscription - Subscription offer type is restricted from provisioning the requested resource.\n\n * 400 InvalidTargetSubregion - The target server of a non-readable secondary is not in a DR paired Azure region.\n\n * 400 CurrentDatabaseSizeExceedsMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PartnerServerNotCompatible - The user is attempting to copy a database from a SAWA V1 server to a Sterling server or vice versa.\n\n * 400 IncorrectReplicationLinkState - The operation expects the database to be in an expected state on the replication link.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 UnableToCreateGeoChain - User attempted to create secondary database (chaining) even though automatic upload of ledger digests has been configured\n\n * 400 TargetElasticPoolDoesNotExist - The elastic pool does not exist on a server.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 ElasticPoolSkuCombinationInvalid - Elastic pool and sku can be specified together only if sku is specified as 'ElasticPool'.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 ElasticPoolTierCombinationInvalid - The database tier is different than the elastic pool service tier.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 ElasticPoolNameRequired - User tried to create or update database to elastic pool service objective without specifying the name of the elastic pool.\n\n * 400 InvalidReadScaleEdition - User attempted to enable read scale on a database type that does not support it.\n\n * 400 InvalidReadScaleUnits - User attempted to provide a read scale value that is not supported.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 GeoSecondaryMaxSizeUpdateFailed - The geo-secondary database is of a SLO that does not support the requested maxsize value or the geo-secondary is in an unsupported region or an update operation is already in progress on the geo-secondary database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 ElasticPoolInconsistentDtuGuaranteeSettings - Attempting to provide DTU min for databases in the elastic pool that exceeds requested DTUs of the elastic pool.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 ElasticPoolDatabaseCountOverLimit - Attempting to create or add database to elastic pool when the database count limit of the elastic pool has been reached.\n\n * 400 RequestedDatabaseSizeRequiresShrink - User attempted to ALTER DATABASE MODIFY MAXSIZE to modify the MAXSIZE for a database to a smaller size then the current size.\n\n * 400 CannotChangeToOrFromDataWarehouseTier - User attempted to change the sku of a database from DataWarehouse tier to non DataWarehouse tiers or vice versa.\n\n * 400 CurrentDatabaseSizeExceedsDbMaxSize - User attempted to reduce the max size for a database to a size smaller than the current usage.\n\n * 400 ElasticPoolDecreaseStorageLimitBelowUsage - Attempting to decrease the storage limit of the elastic pool below its storage usage.\n\n * 400 CannotUseTrailingWhitespacesInDatabaseName - The database name validation failed.\n\n * 400 UpdateNotAllowedOnPausedDatabase - User attempted to perform an update on a paused database.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 DatabaseNameInUse - Database already exists. Choose a different database name.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 SourceDatabaseEditionCouldNotBeUpgraded - The source database cannot have higher edition than the target database.\n\n * 400 TargetDatabaseEditionCouldNotBeDowngraded - The target database cannot have lower edition than the source database.\n\n * 400 UpdateNotAllowedIfGeoDrOperationInProgress - The operation is disallowed because copy or failover operation for database '{0}' on server '{1}' is currently in progress.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 ElasticPoolOverFileSpace - Insufficient file space in the elastic pool.\n\n * 400 InvalidLicenseType - User tried to create or update a database or elastic pool with unsupported license type.\n\n * 400 UnsupportedCapacity - User tried to create or update database with capacity which is not supported.\n\n * 400 RestoreToFreeEditionNotSupported - Restore and GeoRestore target cannot be free database.\n\n * 400 RestoreNotSupportedForFreeEdition - Restore and GeoRestore are not supported for free database.\n\n * 400 InvalidDroppedDatabase - Source database dropped does not exist on server within the supported recovery period.\n\n * 400 InvalidLiveDatabase - Source database does not exist on server within the supported recovery period. If restoring a dropped database, please specify its deletion date.\n\n * 400 InvalidVldbRecoverySlo - The Hyperscale edition recovery requires both source and target databases to use Hyperscale service level objective.\n\n * 400 CannotUpdateToFreeDatabase - Updating a database to the free sku is not supported.\n\n * 400 InvalidVldbRestoreSlo - The Hyperscale edition Point-In-Time restore requires both source and target databases to use Hyperscale service level objective.\n\n * 400 CannotSpecifyPoolOrSlo - Specifying an elastic pool and/or changing the service level objective or edition is not supported for edition.\n\n * 400 InvalidBackupStorageAccountType - User passed zrs/lrs during create/update of a database but it failed either because the customer is not whitelisted or because zrs is not available in the specified region.\n\n * 400 DatabaseInvalidSkuPropertyCombination - The properties of the requested sku are inconsistent. Please check that a valid combination is specified. See https://docs.microsoft.com/en-us/rest/api/sql/capabilities/listbylocation#serviceobjectivecapability for more details.\n\n * 400 DatabaseNamedReplicaPerDatabaseLimitExceeded - User tried create a named replica that would exceed the allowed number per primary database\n\n * 400 UnsupportedBackupStorageRedundancyForEdition - The requested backup storage redundancy is not supported for edition\n\n * 400 DatabaseIsCurrentlyPinned - Microsoft has pinned your database SQL Server engine version. To ensure your database does not hit production issues, any future scale operations on your database will be blocked until it has been un-pinned. Please contact Microsoft support for assistance with scaling.\n\n * 400 RestoreTargetEditionSizeInsufficient - User attempted to restore a database to an edition that is a smaller size than the current allocated size of the source.\n\n * 400 DatabaseCreationBlockedForNonActivatedCMKServer - SQL Pool creations are blocked for CMK enabled workspaces until the workspace is activated. First, enable purge protection and grant the workspace Managed Identity the required permissions (Get, Wrap Key, Unwrap Key) on the Azure Key Vault of the workspace key. Next, activate your workspace after you have granted access.\n\n * 400 InvalidIdentityId - One or more identity id(s) provided are not valid ARM resource id(s). Please input valid id(s) and try again.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 InvalidNumberOfIdentities - Only one user assigned managed identity is supported at the Database Level.\n\n * 400 NoRestorePointAvailable - The source database has not yet accomplished its first backup in order to support restore operations. Please retry the restore request later.\n\n * 400 DatabaseNamedReplicaChainingNotAllowed - User tried to create a named replica of a named replica which is not allowed.\n\n * 400 DatabaseNamedReplicaInvalidOperation - User attempted an unsupported operation on a named replica.\n\n * 400 DatabaseNamedReplicaInvalidSourceDatabase - User attempted to create a named replica in a different subscription or region than the source database.\n\n * 400 DatabaseNamedReplicaSourceDatabaseNotZoneRedundant - Zone Redundancy cannot be enabled on this Named Replica since the primary Hyperscale Database is not zone redundant.\n\n * 400 CannotAssignIdentityToMaster - Cannot assign an identity to a system database. Database identity cannot be assigned to 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 CrossTierDatabaseOperationNotSupported - Operation not supported.\n\n * 400 MissingThumbprintCrm - The restore operation of a CRM database failed because a required TDE certificate was missing. Please retry the restore operation to an existing elastic pool.\n\n * 400 ElasticPoolOverStorage - Attempting to write data to a database when the storage limit of the elastic pool has been reached.\n\n * 400 RestoreTargetEditionSizeInsufficientV2 - User attempted to restore a database to an edition that is a smaller size than the allocated size of the restored database.\n\n * 400 ResourcePoolStorageLimitHitDuringRestore - The restored database can't be restored into the resource pool due to the remaining storage capacity in the pool.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 PerDatabaseCMKGeoReplicationNotSupported - Geo Replication and Database Copy is not supported when Database-level CMK is configured in preview.\n\n * 400 InvalidStandbyGeoEdition - User attempted to create a DTU based standby geo.\n\n * 400 ElasticPoolInconsistentVcoreGuaranteeSettings - The number of databases and VCore min per database cannot exceed requested VCores of the elastic pool.\n\n * 400 GeoRestoreBackupStorageTypeNotSupported - Database recovery requests are invalid when issued against a database that is not configured to use geo-redundant backup storage.\n\n * 400 RestoreHyperscaleToNonHyperscale - Restoring a Hyperscale database backup to a non-Hyperscale service tier or vice versa is not supported.\n\n * 400 SubscriptionDoesNotHaveAccessToServer - The subscription does not have access to the specified server(s)\n\n * 400 RecoveryPointDoesNotExist - The specified recovery point either does not exist or is not valid.\n\n * 400 LtrBackupNotFound - The specified long term retention backup does not exist.\n\n * 400 InvalidPointInTime - The specified point in time is not valid for the database.\n\n * 400 GeoRestoreCannotResolveTargetCluster - Cannot resolve target cluster for server\n\n * 400 CannotSpecifyEditionOrSloWhenRestoringToPool - Specifying the target service level objective or edition is not supported when restoring to an elastic pool.\n\n * 400 RestoreNotSupportedForGeoDrSecondary - Point-in-time restore and database recovery operations are not supported on databases that are currently configured as geo-secondaries.\n\n * 400 DatabaseNamedReplicaBackupRetentionConfigurationNotSupported - User attempted configuring backup retention policy on a Named Replica.\n\n * 400 GeoRedundantBackupsNotPermittedForSubscription - Geo-redundant backup storage is blocked for all databases under subscription '{0}' by preview feature 'Azure SQL Database Block Geo-redundant Backup Storage'. Please select a different backup storage redundancy.\n\n * 400 RestoreHyperscaleToNonHyperscaleElasticPool - Restoring a Hyperscale database to an elastic pool which is not Hyperscale or restoring a database which is not Hyperscale to a Hyperscale elastic pool is not supported.\n\n * 400 RestoreIneligibleDatabaseName - The specified target database name, '{0}', is reserved and cannot be used in a restore operation.\n\n * 400 RestoreNotSupportedForSystemDb - Restore and database recovery are not supported for system databases.\n\n * 400 RestoreIneligibleDroppedDatabaseShortLifespan - The source database, '{0}', dropped on '{1}', has not existed long enough to support restores.\n\n * 400 RestoreIneligibleLiveDatabaseShortLifespan - The source database, '{0}', has not yet accomplished its first backup in order to support restore operations. Please wait until at least the indicated earliest restore date '{1}' and resubmit the request.\n\n * 400 RestoreCrossServerDisabled - For point-in-time restores, the target logical server must be the same as the source logical server. Consider restoring to the source database's server, or using database copy or database recovery.\n\n * 400 RestoreSameServerRecoveryDisabled - Same-server recovery is currently not supported. Consider using point-in-time restore or recovering to a different server.\n\n * 400 RestoreNotSupportedFromLtrBackupToEdition - Restore from long-term retention backup to '{0}' edition not supported.\n\n * 400 RestoreNotSupportedFromExternalBackupToEdition - Restore from external backup to '{0}' edition not supported.\n\n * 400 UpdateToServerlessIfLtrIsNotDisabled - Enabling auto-pause for a serverless database is not supported if long-term backup retention is enabled.\n\n * 400 DuplicateRestoreOperation - A restore request with the same target database name '{0}' on server '{1}' already exists.\n\n * 400 ExternalBackupUriMalformed - The external backup storage container URI is malformed.\n\n * 400 ExternalBackupUriHostNotAllowed - The host name for the external backup storage container URI is not allowed.\n\n * 400 ExternalBackupUriInvalidSchemeOrPort - The external backup storage container URI uses an invalid scheme or port. Please use https and port 443.\n\n * 400 ExternalBackupVldbUnsupported - Hyperscale does not support external backup restore requests.\n\n * 400 CannotMoveOrDropSyncMetadataDatabase - Cannot drop database used as sync metadata database.\n\n * 400 InvalidPitrPriorToVldbMigration - For database '{0}', specified point-in-time '{1}' is prior to the Hyperscale migration time of '{2}'. Please specify a target edition or service level objective which is not Hyperscale when restoring to a point earlier than the Hyperscale migration.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 BlockRestoreOnVldbGeoSecondary - Restore of Hyperscale database where source database is geo-secondary is not allowed.\n\n * 400 BackupSetNotFound - No backups were found to restore the database. Please contact support to restore the database.\n\n * 400 IncorrectAccessToAzureKeyVault - Target server does not have access to all AKV Uris created during the backup time.\n\n * 400 RestoreFailureSqlInstanceUnhealthy - Unable to connect to the instance in order to perform restore operation.\n\n * 400 BackupSetBroken - Backup set is broken.\n\n * 400 TimeoutDuringRestore - A timeout was encountered while trying to connect to the restore target.\n\n * 400 BrokenRestorePlanGapInLogBackups - The restore plan is broken because firstLsn of current log backup is not equal to lastLsn of prev log backup.\n\n * 400 FullBackupMissingChecksum - Provided full backup is missing checksum.\n\n * 400 RequiredBackupIsNotLastRestored - Migration cannot be completed because provided backup file name is not the name of the last backup file that is restored.\n\n * 400 IncompatiblePhysicalLayoutNonOnlineDataFilesExist - Database backup contains incompatible physical layout. Non-online data files exist.\n\n * 400 IncompatiblePhysicalLayoutWrongNumberOfLogFiles - Database backup contains incompatible physical layout. Multiple log files are not supported.\n\n * 400 BackupSetNotFoundRecentPit - No backups were found to restore the database to the specified point in time. Please retry the operation. If the problem persists, contact support to restore the database.\n\n * 400 InvalidPublicMaintenanceConfiguration - User tried to specify public maintenance configuration which cannot be converted to internal id (malformed or wrong region).\n\n * 400 MaintenanceWindowNotSupportedForNamedReplica - User tried to create or update named replica with non-default maintenance window which is not supported.\n\n * 400 InvalidStandbyGeoReadScale - User attempted to enable read scale on a standby geo database that does not support it.\n\n * 400 PerDatabaseCMKKeyRotationAttemptedWhileOldThumbprintInUse - Key Rotation for the TDE Protector at the database level is blocked when active transactions are holding up the log encrypted with old keys. Please refer to aka.ms/azuresqldbkeyrotation for possible strategies to workaround this issue.\n\n * 400 PerDBCMKNotSupportedWithLTR - Database-level CMK is not supported when Long-term Backup Retention is enabled on the database.\n\n * 400 VBSEnclaveNotSupportedForDW - The preferredEnclaveType is not supported for dedicated SQL Pools.\n\n * 400 VBSEnclaveNotSupportedForDCSeriesSLO - Configuring the 'VBS' preferredEnclaveType for databases using the DC-series hardware configuration is not supported. DC-series databases are pre-configured with Intel SGX enclaves. Virtualization based security (VBS) enclaves are not supported.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutDatabaseLevelEncryptionProtector - Database-level encryption protector must be set on the target database while attempting to copy or replicate a database encrypted with a database level key.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 PerDatabaseCMKGeoPrimaryIsNotConfiguredWithDatabaseLevelEncryptionProtector - The geo-primary database must be configured with a database level encryption protector before setting a database level encryption protector on the geo-secondary.\n\n * 400 ElasticJobsNotSupportedOnAutoPauseEnabledDatabase - Auto-pause enabled serverless database is not supported as an Elastic Jobs database because job agent would prevent that database from pausing. You can either disable auto-pause on this serverless database or delete the job agent that is using this database. See here for more details: https://docs.microsoft.com/azure/azure-sql/database/serverless-tier-overview#auto-pausing\n\n * 400 VBSEnclaveNotSupportedForGeoReplicationWithDefaultEnclave - Configuring geo-replication is not supported for databases using different values of the preferredEnclaveType property. The primary '{0}' database on the '{1}' server uses the '{2}' preferredEnclaveType, whereas the specified preferredEnclaveType for the secondary '{3}' database on the '{4}' server is '{5}'.\n\n * 400 VBSEnclaveNotSupportedForPlannedFailoverBetweenDatabasesWithDifferentPreferredEnclaveTypes - Planned failover between primary and secondary database with different preferredEnclaveType is not supported for Virtualization-based security (VBS) enclaves.\n\n * 400 PerDatabaseCMKGeoPrimaryIsConfiguredWithDatabaseLevelEncryptionProtector - The geo-primary database must not be configured with a database level encryption protector when failing over to a geo-secondary without a database level encryption protector.\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 VBSEnclaveResourcePoolInvalidCombination - Adding a database with '{0}' preferredEnclaveType to an elastic pool '{1}' with '{2}' preferredEnclaveType is not supported. \nBefore adding the database to the elastic pool, ensure that the preferredEnclaveType is the same for both the database and the elastic pool. More information can be found on https://aka.ms/AlwaysEncryptedEnableSecureEnclaves\n\n * 400 MissingAsymmetricKeyOnTargetServer - Target server does not have access to an asymmetric key.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 MultipleDroppedDatabasesWithTheSameName - Found multiple dropped databases with the same name on server.\n\n * 400 AzureKeyVaultClientError - The Azure Key Vault client encountered an error.\n\n * 400 AzureKeyVaultClientInfoError - An error occurred while obtaining information for the Azure Key Vault client.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 UnsupportedBackupStorageRedundancy - Specified Backup Storage Redundancy is not supported in target region.\n\n * 400 LTRSterlingToVldbMigrationNotSupported - Cannot change service objective for database to Hyperscale as long-term retention is not yet supported on Hyperscale. Please disable long-term retention on the database and retry.\n\n * 400 HyperscaleReverseMigrationNotSupported - Reverse migration of a Hyperscale database to Sterling hit an unsupported scenario.\n\n * 400 UpdateSloOperationIdDoesNotExist - The action failed because no active update-slo operation detected for server: {0}, database: {1};. Please retry the operation by specifying valid parameters.\n\n * 400 ManualCutoverUnsupported - Invalid use of manual-cutover option. Please check current and requested service objective and retry the operation by specifying valid parameters.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - Invalid request specifying a non-existent resource.\n\n * 404 CrossManagedInstanceDatabaseMovementNotExist - Database movement does not exist.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 CannotFindServerCertificateWithThumbprint - Cannot find server certificate with thumbprint '{0}'. Please use PowerShell Cmdlet 'Add-AzureRmSqlManagedInstanceTransparentDataEncryptionCertificate' to create the certificate.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 RestoreSourceDatabaseNotFound - Could not find database '{0}' at time '{1}' that can be restored.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 CannotFindObject - Cannot find the object because it does not exist or you do not have permissions\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 405 ManagementServiceDropOnDroppingDatabaseNotAllowed - The user attempted to drop a database that is already being dropped.\n\n * 405 UnsupportedReplicationOperation - An unsupported replication operation was initiated on the database.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 ManagedInstanceContainsInaccessibleDatabases - The operation could not be completed because managed instance '{0}' contains databases that are in the Inaccessible state. Please either drop inaccessible databases or fix the issues with access to the customer-managed TDE protector key for managed instance before retrying operation. https://go.microsoft.com/fwlink/?linkid=2111623\n\n * 409 ManagedInstanceHasHybridLink - User tried to initiate operation that is not supported when managed instance has a hybrid link configured.\n\n * 409 GeoReplicationCannotBecomePrimaryDuringUndo - User attempted to failover or force-terminate a geo-link while the secondary is in a state where it may not be physically consistent and so cannot enter the primary role.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 InstanceFailoverGroupAlreadyExists - Failover group already exists on a given server.\n\n * 409 InstanceFailoverGroupBusy - Instance failover group is busy with another operation.\n\n * 409 InstanceFailoverGroupDnsRecordInUse - A duplicate DNS record exists for the requested endpoint.\n\n * 409 InvalidFailoverGroupName - Invalid Instance Failover Group name was supplied.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidDatabaseStateForOperation - The operation is not allowed on the database in its current replication state.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 ManagementServiceDatabaseBusy - Database '{0}' is busy with another operation. Please try your operation later.\n\n * 409 DedicatedSqlPoolCreationBlockedForServerInNsp - Create and restore operations for SQL dedicated pools (formerly SQL DW) are not supported on servers within a network security perimeter. For more information, see https://go.microsoft.com/fwlink/?linkid=2324168.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ConflictingDatabaseOperation - There is already some operation on the database and the current operation should wait till it is done.\n\n * 409 RemoteDatabaseExists - The destination database name already exists on the destination server.\n\n * 409 InvalidOperationForDatabaseNotInReplicationRelationship - A replication operation was performed on a database that is not in a replication relationship.\n\n * 409 InvalidOperationForDatabaseInReplicationRelationship - A replication seeding operation was performed on a database that is already in a replication relationship.\n\n * 409 FreeDbAlreadyExists - Only one free database can exist for a subscription per region.\n\n * 409 DuplicateGeoDrRelation - The databases are already in a replication relation. This is a duplicate request.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ConflictingSystemOperationInProgress - A system maintenance operation is in progress on the database and further operations need to wait until it is completed.\n\n * 409 SkuAssignmentInProgress - The current assignment request cannot be processed because a previous request has not completed.\n\n * 409 CurrentMemoryUsageExceedsSkuQuota - User attempted an sku update operation that cannot be completed due to the higher resource consumption.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 UpdateSloInProgress - User tried to initiate an incompatible operation while a SLO update was in progress.\n\n * 409 ServerDtuQuotaExceeded - Could not perform the operation because server would exceed the allowed Database Throughput Unit quota.\n\n * 409 UpdateSloFailedDatabaseTooBusy - Update SLO operation could not complete because database was too busy.\n\n * 409 UnableToAlterDatabaseInReplication - User altered edition on a database in a replication relationship.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 ElasticPoolBusy - A management operation was attempted on an elastic pool which is busy.\n\n * 409 SimultaneousSkuChangeNotAllowed - Service objective change operations cannot run on both databases of a replication relationship at the same time.\n\n * 409 TargetElasticPoolBeingUpdated - The update of elastic pool cannot be started because there is copy operation in progress for one of the databases in this elastic pool\n\n * 409 DatabaseCopyLimitPerReplicaReached - User reached the limit of concurrent database copies.\n\n * 409 ConflictRequestToUpdateBackupRedundancy - A conflict request to change backup storage redundancy is still in progress.\n\n * 409 DatabaseElasticPoolMaintenanceConflict - User tried to create or update a database with a specified maintenance configuration that conflicted with that of the elastic pool of the database.\n\n * 409 SubscriptionVcoreQuotaExceeded - Could not perform the operation because subscription would exceed the allowed vCore quota.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 500 ActivateOrDeactivateWorkflowThrottling - Activation or deactivation workflow failed because there are too many concurrent workflows\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 DatabaseUnavailable - The operation failed because the database is unavailable.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstanceDtcs.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstanceDtcs.json index 1eee4f894e6c..a4d93e291309 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstanceDtcs.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstanceDtcs.json @@ -245,6 +245,10 @@ "type": "string", "readOnly": true }, + "fqdnEnabled": { + "description": "Status of FQDN of managed instance DTC. Toggling this setting might trigger a restart of the managed instance.", + "type": "boolean" + }, "provisioningState": { "description": "Provisioning state of managed instance DTC.", "enum": [ diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstanceEncryptionProtectors.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstanceEncryptionProtectors.json index 53be95475f16..14d5610ae60b 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstanceEncryptionProtectors.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstanceEncryptionProtectors.json @@ -167,7 +167,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 InvalidEncryptionProtectorName - The encryption protector key name is not supported.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerKeyNotFound - The requested server key was not found on the current subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 EncryptionProtectorChangeInProgress - Cannot update database encryption key protector while protector change is already in progress\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 InvalidEncryptionProtectorName - The encryption protector key name is not supported.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerKeyNotFound - The requested server key was not found on the current subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 EncryptionProtectorChangeInProgress - Cannot update database encryption key protector while protector change is already in progress\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -232,7 +232,7 @@ "description": "Successfully revalidated the encryption protector." }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 InvalidEncryptionProtectorName - The encryption protector key name is not supported.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerKeyNotFound - The requested server key was not found on the current subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 EncryptionProtectorChangeInProgress - Cannot update database encryption key protector while protector change is already in progress\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 InvalidEncryptionProtectorName - The encryption protector key name is not supported.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerKeyNotFound - The requested server key was not found on the current subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 EncryptionProtectorChangeInProgress - Cannot update database encryption key protector while protector change is already in progress\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstanceKeys.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstanceKeys.json index 52176f708046..e22daa954ccc 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstanceKeys.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstanceKeys.json @@ -160,7 +160,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -219,7 +219,7 @@ "description": "Successfully deleted the managed instance key." }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstances.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstances.json index b39148eda1f5..220a7926ec59 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstances.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ManagedInstances.json @@ -267,7 +267,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 SubnetMissingRequiredDelegation - Selected subnet is not delegated for SQL Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidManagedServerDnsZonePartner - The resource URI of the geo-primary managed instance specified in the create request is invalid. Please ensure that the property is of the format /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/managedInstances/{managedInstanceName}\n\n * 400 ManagementServiceManagedServerDisabled - Operation failed since Managed Instance '{0}' is disabled. Please enable Managed Instance and try again.\n\n * 400 MiGeoRestoreWithWrongBackupStorageRedundancy - Geo-Restore is not allowed for managed instances with LRS/ZRS backup storage redundancy.\n\n * 400 LastBackupNameHasNewline - Please do not use forbidden characters ('\\n', '\\r') in lastBackupName.\n\n * 400 LastBackupNameHasNonAsciiCharacter - The operation was aborted because the 'LastBackupName' parameter contains invalid characters. Only ASCII characters are allowed.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 LRSCutoverDatabaseDoesNotExist - The operation was aborted because the database name specified in the request doesn't match any database name on the specified server.\n\n * 400 LRSCutoverDatabaseNotInRestoringState - The operation was aborted because the specified database is not in restoring state.\n\n * 400 LRSCutoverDatabaseAlreadyRestored - The operation was aborted because the specified database was already restored.\n\n * 400 LRSCutoverAlreadyInitiated - The operation was aborted because a cutover for the specified database is already in progress.\n\n * 400 ManagementServiceFeatureDisabled - User attempted to use a feature which is disabled.\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 UpdatingInstanceAndBackupRedundancy - Instance zone redundancy and backup storage redundancy cannot be updated in the same request.\n\n * 400 DeleteOfManagedInstanceIsDisabled - Delete operation of managed instance is disabled.\n\n * 400 RequestCantLandOnPaaSv2Platform - Request needs to land on PaaSv2 platform but PaaSv2 is not enabled.\n\n * 400 CustomMaintenanceWindowIsDisabled - Custom maintenance window is not enabled.\n\n * 400 DeleteOfVersion2VirtualClusterIsDisabled - Delete of virtual cluster with version 2 is not enabled.\n\n * 400 DeleteOfVirtualClusterIsDisabled - Delete of virtual cluster is not enabled.\n\n * 400 MICantBeMovedFromOrToInstancePool - Existing managed instance can't be moved to managed instance pool.\n\n * 400 DnsRefreshOnVirtualClusterIsDisabled - Refresh of DNS records on virtual cluster is not enabled.\n\n * 400 MismatchingResourceGroupNameWithUrl - The provided resource group name did not match the name in the Url.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 InvalidMinimalTlsVersion - Invalid minimal TLS version.\n\n * 400 InvalidResourceId - Invalid resource identifier.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 DeleteOfManagedInstanceIsDisabled - Delete operation of managed instance is disabled.\n\n * 400 CustomMaintenanceWindowIsDisabled - Custom maintenance window is not enabled.\n\n * 400 MICantBeMovedFromOrToInstancePool - Existing managed instance can't be moved to managed instance pool.\n\n * 400 InvalidMaintenanceWindowSettings - Invalid maintenance window settings.\n\n * 400 InvalidMaintenanceWindowProperty - Invalid maintenance window property was specified.\n\n * 400 InvalidMaintenanceWindowPropertyNull - Invalid maintenance window with required properties null.\n\n * 400 InvalidMaintenanceWindowTypeWithPropertySpecified - Maintenance window type must not have certain properties specified.\n\n * 400 UpdateOfParameterNotSupported - Update of '{0}' is not supported.\n\n * 400 MaintenancePolicyFeatureIsDisabled - Assigning customer maintenance policy is not enabled for provided subscription. Please use maintenanceConfigurationId property instead.\n\n * 400 MaintenancePolicyInvalidType - The provided value for w type is not valid. Please use one of the following values: SystemDefined, CustomerDefined.\n\n * 400 MaintenancePolicyInvalidMaintenanceConfigurationId - The provided value for maintenanceConfigurationId is not valid. Please check Public Maintenance Configuration list to get the list of available configurations.\n\n * 400 MaintenancePolicyInvalidStartHour - The provided value for startHour is not valid. Start time represents the hour of the day when maintenance event should start. Accepted values are 00-23. Please retry with appropriate value.\n\n * 400 MaintenancePolicyInvalidDayOfWeek - The provided value for dayOfWeek is not valid. Please use one of the following values: Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 InvalidExternalAdministratorLogin - Invalid or missing external administrator login name.\n\n * 400 InvalidExternalAdministratorSid - Invalid or missing external administrator object id.\n\n * 400 InvalidExternalAdministratorTenantId - Invalid or missing external administrator tenant id.\n\n * 400 ExternalAdministratorPrincipalType - Invalid or missing external administrator principal type. Please select from User, Application or Group.\n\n * 400 MissingExternalAdministratorWithAadOnlyAuth - In order to use Azure AD Only Authentication, please provide details of an external administrator.\n\n * 400 ExternalAdministratorLoginSameAsSqlAdmin - The names of the Azure Active Directory administrator and of the server admin account must be different. Please provide different values.\n\n * 400 LTRBackupNotExists - The operation could not be completed because the backup does not exist.\n\n * 400 LongTermRetentionMigrationBackupStorageRedundancyNotAllowed - Changing backup storage redundancy is not allowed for LTR Copy operations.\n\n * 400 LtrRestoreFailedArchiveStorageTier - Restoring archived long-term retention backup is not supported. Restore can be performed only on rehydrated or regular long-term retention backups.\n\n * 400 LtrArchiveStorageTierNotEnabled - Archiving long-term retention backups is not enabled.\n\n * 400 LtrArchiveWrongParameters - ChangeLongTermRetentionBackupAccessTier is not supported for the desired (backupStorageAccessTier, operationMode) combination. Only (Archive, Move) and (Hot, Copy) are allowed.\n\n * 400 LTRArchiveRedundancyChangeFailed - Updating the backup storage redundancy type to zone-redundant storage is not supported when a long-term retention policy with the 'archive' backup storage access tier is set\n\n * 400 LongTermRetentionMigrationSubscriptionNotFound - The subscription could not be found.\n\n * 400 LtrOperationFailedBackupImmutable - Deleting Long Term Retention backup failed because the backup is immutable.\n\n * 400 DeleteLtrBackupWithLegalHold - The backup cannot be deleted because there is a legal hold placed on it. Remove the legal hold and retry.\n\n * 400 LTRBackupImmutableNotSet - The operation could not be completed because the backup is not configured for immutability.\n\n * 400 LTRBackupImmutabilityLocked - The operation could not be completed because the backup is immutable and locked. \n\n * 400 LongTermRetentionMigrationRequestNotSupported - Subscription is not allowed LTR backup Migration feature.\n\n * 400 LongTermRetentionMigrationCrossClusterRequestNotSupported - Source and target subscriptions are not allowed to communicate for LTR backup copy feature.\n\n * 400 LongTermRetentionMigrationParameterMissing - Required parameter missing for the operation.\n\n * 400 LongTermRetentionMigrationSameServerNotSupported - LTR Copy feature is not supported to copy LTR backups within same server.\n\n * 400 LongTermRetentionMigrationTargetServerNotFound - Target server does not exists or is not ready for LTR backup copy operation.\n\n * 400 LongTermRetentionMigrationTargetDatabaseNotFound - Target Database does not exists on the server.\n\n * 400 LongTermRetentionMigrationStorageTypeNotSupported - Specified Backup Storage Redundancy is not supported in target region.\n\n * 400 LongTermRetentionMigrationStorageMismatch - Active backup redundancy of database does not match backup redundancy requested by customer.\n\n * 400 LongTermRetentionMigrationDatabaseTypeNotSupported - LTR migration is only supported for managed instance and Azure SQL DB LTR backups.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 ServerPrincipalCreateLoginBadSyntax - There was an Syntax Error when executing Create Login statement for Azure AD Administrator.\n\n * 400 ManagedInstanceIsBusy - Managed Instance is busy with another request.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 ServicePrincipalLookupInAadFailedIdentityForbidden - AzureAD Lookup failed because MSI was not granted read permissions on AAD.\n\n * 400 PrincipalNotFoundInTenant - AzureAD Lookup returned no results for this name.\n\n * 400 ServerPrincipalHasDuplicateDisplayNameInAad - AzureAD Lookup returned multiple results for this name.\n\n * 400 InvalidPrincipalType - This principal type is not supported in Windows Azure SQL Database.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 ServicePrincipalLookupInAadFailed - AzureAD Lookup failed due to service infrastructure errors.\n\n * 400 TenantNotFoundInActiveDirectory - Tenant is not available in active directory.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 ManagedInstanceHasNoPermissionsToAccessAad - Attempt to perform operation, which involves a non-existing login or login on which executing principal has no permissions.\n\n * 404 ManagedInstanceNotInSubscriptionResourceGroup - Specified managed instance does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 LongTermRetentionMigrationBackupNotFound - LTR backup specified does not exists.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 MiCreateFailedNonDelegatedSubnet - User tried to deploy Managed Instance or Managed Instance pool in subnet that is not delegated to Microsoft.Sql/managedInstances.\n\n * 409 InstancePoolBusy - An instance pool is busy with another ongoing operation\n\n * 409 ConflictingManagedInstanceOperation - An operation is currently in progress for the managed instance.\n\n * 409 BackupRedundancyUpdateAndInstanceRedundancyConflict - The instance is multi-az but backup storage is being updated from zone redundant to non-zone redundant.\n\n * 409 InstanceRedundancyUpdateWhileBackupRedundancyUpdateInProgress - Cannot update instance redundancy because backup storage redundancy update is in progress.\n\n * 409 InstanceRedundancyUpdateAndBackupRedundancyConflict - The backup storage is non-zone redundant but instance redundancy is being updated to zone redundant.\n\n * 409 BackupRedundancyUpdateConflict - Cannot update backup storage redundancy because a backup storage redundancy update is already in progress.\n\n * 409 MiDropFailedOnAuthLocks - User tried to drop last Managed Instance in subnet that has Lock applied on resource(s).\n\n * 409 LongTermRetentionMigrationRequestConflict - A conflict operation on this LTR backup is still in progress.\n\n * 409 LongTermRetentionMigrationBackupConflict - Another LTR backup with same backup time for target database exists.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 ServerPrincipalOwnsJobs - Attempt to remove a login when it has active jobs.\n\n * 409 ServerPrincipalOwnsObjects - Attempt to drop a login, which owns objects.\n\n * 409 ServerPrincipalIsGrantorOfPermissions - Attempt to drop a server principal, which is a grantor of permissions.\n\n * 409 ServerPrincipalOwnsDatabase - Change the owner of the database(s) before dropping the login.\n\n * 409 ServerPrincipalCurrentlyLoggedIn - Self-explanatory.\n\n * 409 ServerPrincipalAlreadyExists - Attempt to create server principal with non-unique name.\n\n * 409 ServerPrincipalUsedInTriggerOrEventNotification - Attempt to drop login, which is used as an execution context of a trigger or event notification.\n\n * 412 InstanceNotReadyForBackupRedundancyUpdate - Cannot update backup storage redundancy because the instance is not ready.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 500 LongTermRetentionMigrationRequestCopyFailed - Copy operation failed for LTR backup blobs.\n\n * 500 LongTermRetentionMigrationRestoreVerExceeded - Restore verification failed after max attempts were reached.\n\n * 500 LongTermRetentionMigrationRestoreVerFailed - Restore verification failed.\n\n * 500 LongTermRetentionMigrationRequestFailedToStartOnTarget - Failed to start LTR backup copy request in target region.\n\n * 500 ActiveDirectoryLookupTimedOut - The operation could not be completed at this time. Please try again later.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 SubnetMissingRequiredDelegation - Selected subnet is not delegated for SQL Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 ManagedInstanceSubnetNameIsReservedAndNotAllowed - Managed Instance can not be created with reserved subnet name. The following subnet names are reserved in Azure: AzureFirewallSubnet, AzureFirewallManagementSubnet, AzureBastionSubnet, and GatewaySubnet.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidManagedServerDnsZonePartner - The resource URI of the geo-primary managed instance specified in the create request is invalid. Please ensure that the property is of the format /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/managedInstances/{managedInstanceName}\n\n * 400 ManagementServiceManagedServerDisabled - Operation failed since Managed Instance '{0}' is disabled. Please enable Managed Instance and try again.\n\n * 400 MiGeoRestoreWithWrongBackupStorageRedundancy - Geo-Restore is not allowed for managed instances with LRS/ZRS backup storage redundancy.\n\n * 400 LastBackupNameHasNewline - Please do not use forbidden characters ('\\n', '\\r') in lastBackupName.\n\n * 400 LastBackupNameHasNonAsciiCharacter - The operation was aborted because the 'LastBackupName' parameter contains invalid characters. Only ASCII characters are allowed.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 LRSCutoverDatabaseDoesNotExist - The operation was aborted because the database name specified in the request doesn't match any database name on the specified server.\n\n * 400 LRSCutoverDatabaseNotInRestoringState - The operation was aborted because the specified database is not in restoring state.\n\n * 400 LRSCutoverDatabaseAlreadyRestored - The operation was aborted because the specified database was already restored.\n\n * 400 LRSCutoverAlreadyInitiated - The operation was aborted because a cutover for the specified database is already in progress.\n\n * 400 ManagementServiceFeatureDisabled - User attempted to use a feature which is disabled.\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 UpdatingInstanceAndBackupRedundancy - Instance zone redundancy and backup storage redundancy cannot be updated in the same request.\n\n * 400 DeleteOfManagedInstanceIsDisabled - Delete operation of managed instance is disabled.\n\n * 400 RequestCantLandOnPaaSv2Platform - Request needs to land on PaaSv2 platform but PaaSv2 is not enabled.\n\n * 400 CustomMaintenanceWindowIsDisabled - Custom maintenance window is not enabled.\n\n * 400 DeleteOfVersion2VirtualClusterIsDisabled - Delete of virtual cluster with version 2 is not enabled.\n\n * 400 DeleteOfVirtualClusterIsDisabled - Delete of virtual cluster is not enabled.\n\n * 400 MICantBeMovedFromOrToInstancePool - Existing managed instance can't be moved to managed instance pool.\n\n * 400 DnsRefreshOnVirtualClusterIsDisabled - Refresh of DNS records on virtual cluster is not enabled.\n\n * 400 MismatchingResourceGroupNameWithUrl - The provided resource group name did not match the name in the Url.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 InvalidMinimalTlsVersion - Invalid minimal TLS version.\n\n * 400 InvalidResourceId - Invalid resource identifier.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 DeleteOfManagedInstanceIsDisabled - Delete operation of managed instance is disabled.\n\n * 400 CustomMaintenanceWindowIsDisabled - Custom maintenance window is not enabled.\n\n * 400 MICantBeMovedFromOrToInstancePool - Existing managed instance can't be moved to managed instance pool.\n\n * 400 InvalidMaintenanceWindowSettings - Invalid maintenance window settings.\n\n * 400 InvalidMaintenanceWindowProperty - Invalid maintenance window property was specified.\n\n * 400 InvalidMaintenanceWindowPropertyNull - Invalid maintenance window with required properties null.\n\n * 400 InvalidMaintenanceWindowTypeWithPropertySpecified - Maintenance window type must not have certain properties specified.\n\n * 400 UpdateOfParameterNotSupported - Update of '{0}' is not supported.\n\n * 400 MaintenancePolicyFeatureIsDisabled - Assigning customer maintenance policy is not enabled for provided subscription. Please use maintenanceConfigurationId property instead.\n\n * 400 MaintenancePolicyInvalidType - The provided value for w type is not valid. Please use one of the following values: SystemDefined, CustomerDefined.\n\n * 400 MaintenancePolicyInvalidMaintenanceConfigurationId - The provided value for maintenanceConfigurationId is not valid. Please check Public Maintenance Configuration list to get the list of available configurations.\n\n * 400 MaintenancePolicyInvalidStartHour - The provided value for startHour is not valid. Start time represents the hour of the day when maintenance event should start. Accepted values are 00-23. Please retry with appropriate value.\n\n * 400 MaintenancePolicyInvalidDayOfWeek - The provided value for dayOfWeek is not valid. Please use one of the following values: Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 InvalidExternalAdministratorLogin - Invalid or missing external administrator login name.\n\n * 400 InvalidExternalAdministratorSid - Invalid or missing external administrator object id.\n\n * 400 InvalidExternalAdministratorTenantId - Invalid or missing external administrator tenant id.\n\n * 400 ExternalAdministratorPrincipalType - Invalid or missing external administrator principal type. Please select from User, Application or Group.\n\n * 400 MissingExternalAdministratorWithAadOnlyAuth - In order to use Azure AD Only Authentication, please provide details of an external administrator.\n\n * 400 ExternalAdministratorLoginSameAsSqlAdmin - The names of the Azure Active Directory administrator and of the server admin account must be different. Please provide different values.\n\n * 400 LTRBackupNotExists - The operation could not be completed because the backup does not exist.\n\n * 400 LongTermRetentionMigrationBackupStorageRedundancyNotAllowed - Changing backup storage redundancy is not allowed for LTR Copy operations.\n\n * 400 LtrRestoreFailedArchiveStorageTier - Restoring archived long-term retention backup is not supported. Restore can be performed only on rehydrated or regular long-term retention backups.\n\n * 400 LtrArchiveStorageTierNotEnabled - Archiving long-term retention backups is not enabled.\n\n * 400 LtrArchiveWrongParameters - ChangeLongTermRetentionBackupAccessTier is not supported for the desired (backupStorageAccessTier, operationMode) combination. Only (Archive, Move) and (Hot, Copy) are allowed.\n\n * 400 LTRArchiveRedundancyChangeFailed - Updating the backup storage redundancy type to zone-redundant storage is not supported when a long-term retention policy with the 'archive' backup storage access tier is set\n\n * 400 LongTermRetentionMigrationSubscriptionNotFound - The subscription could not be found.\n\n * 400 LtrOperationFailedBackupImmutable - Deleting Long Term Retention backup failed because the backup is immutable.\n\n * 400 DeleteLtrBackupWithLegalHold - The backup cannot be deleted because there is a legal hold placed on it. Remove the legal hold and retry.\n\n * 400 LTRBackupImmutableNotSet - The operation could not be completed because the backup is not configured for immutability.\n\n * 400 LTRBackupImmutabilityLocked - The operation could not be completed because the backup is immutable and locked. \n\n * 400 LongTermRetentionMigrationRequestNotSupported - Subscription is not allowed LTR backup Migration feature.\n\n * 400 LongTermRetentionMigrationCrossClusterRequestNotSupported - Source and target subscriptions are not allowed to communicate for LTR backup copy feature.\n\n * 400 LongTermRetentionMigrationParameterMissing - Required parameter missing for the operation.\n\n * 400 LongTermRetentionMigrationSameServerNotSupported - LTR Copy feature is not supported to copy LTR backups within same server.\n\n * 400 LongTermRetentionMigrationTargetServerNotFound - Target server does not exists or is not ready for LTR backup copy operation.\n\n * 400 LongTermRetentionMigrationTargetDatabaseNotFound - Target Database does not exists on the server.\n\n * 400 LongTermRetentionMigrationStorageTypeNotSupported - Specified Backup Storage Redundancy is not supported in target region.\n\n * 400 LongTermRetentionMigrationStorageMismatch - Active backup redundancy of database does not match backup redundancy requested by customer.\n\n * 400 LongTermRetentionMigrationDatabaseTypeNotSupported - LTR migration is only supported for managed instance and Azure SQL DB LTR backups.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 ServerPrincipalCreateLoginBadSyntax - There was an Syntax Error when executing Create Login statement for Azure AD Administrator.\n\n * 400 ManagedInstanceIsBusy - Managed Instance is busy with another request.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 ServicePrincipalLookupInAadFailedIdentityForbidden - AzureAD Lookup failed because MSI was not granted read permissions on AAD.\n\n * 400 PrincipalNotFoundInTenant - AzureAD Lookup returned no results for this name.\n\n * 400 ServerPrincipalHasDuplicateDisplayNameInAad - AzureAD Lookup returned multiple results for this name.\n\n * 400 InvalidPrincipalType - This principal type is not supported in Windows Azure SQL Database.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 ServicePrincipalLookupInAadFailed - AzureAD Lookup failed due to service infrastructure errors.\n\n * 400 TenantNotFoundInActiveDirectory - Tenant is not available in active directory.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 ManagedInstanceHasNoPermissionsToAccessAad - Attempt to perform operation, which involves a non-existing login or login on which executing principal has no permissions.\n\n * 404 ManagedInstanceNotInSubscriptionResourceGroup - Specified managed instance does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 LongTermRetentionMigrationBackupNotFound - LTR backup specified does not exists.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 MiCreateFailedNonDelegatedSubnet - User tried to deploy Managed Instance or Managed Instance pool in subnet that is not delegated to Microsoft.Sql/managedInstances.\n\n * 409 InstancePoolBusy - An instance pool is busy with another ongoing operation\n\n * 409 ConflictingManagedInstanceOperation - An operation is currently in progress for the managed instance.\n\n * 409 BackupRedundancyUpdateAndInstanceRedundancyConflict - The instance is multi-az but backup storage is being updated from zone redundant to non-zone redundant.\n\n * 409 InstanceRedundancyUpdateWhileBackupRedundancyUpdateInProgress - Cannot update instance redundancy because backup storage redundancy update is in progress.\n\n * 409 InstanceRedundancyUpdateAndBackupRedundancyConflict - The backup storage is non-zone redundant but instance redundancy is being updated to zone redundant.\n\n * 409 BackupRedundancyUpdateConflict - Cannot update backup storage redundancy because a backup storage redundancy update is already in progress.\n\n * 409 MiDropFailedOnAuthLocks - User tried to drop last Managed Instance in subnet that has Lock applied on resource(s).\n\n * 409 LongTermRetentionMigrationRequestConflict - A conflict operation on this LTR backup is still in progress.\n\n * 409 LongTermRetentionMigrationBackupConflict - Another LTR backup with same backup time for target database exists.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 ServerPrincipalOwnsJobs - Attempt to remove a login when it has active jobs.\n\n * 409 ServerPrincipalOwnsObjects - Attempt to drop a login, which owns objects.\n\n * 409 ServerPrincipalIsGrantorOfPermissions - Attempt to drop a server principal, which is a grantor of permissions.\n\n * 409 ServerPrincipalOwnsDatabase - Change the owner of the database(s) before dropping the login.\n\n * 409 ServerPrincipalCurrentlyLoggedIn - Self-explanatory.\n\n * 409 ServerPrincipalAlreadyExists - Attempt to create server principal with non-unique name.\n\n * 409 ServerPrincipalUsedInTriggerOrEventNotification - Attempt to drop login, which is used as an execution context of a trigger or event notification.\n\n * 412 InstanceNotReadyForBackupRedundancyUpdate - Cannot update backup storage redundancy because the instance is not ready.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 500 LongTermRetentionMigrationRequestCopyFailed - Copy operation failed for LTR backup blobs.\n\n * 500 LongTermRetentionMigrationRestoreVerExceeded - Restore verification failed after max attempts were reached.\n\n * 500 LongTermRetentionMigrationRestoreVerFailed - Restore verification failed.\n\n * 500 LongTermRetentionMigrationRequestFailedToStartOnTarget - Failed to start LTR backup copy request in target region.\n\n * 500 ActiveDirectoryLookupTimedOut - The operation could not be completed at this time. Please try again later.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -383,7 +383,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 SubnetMissingRequiredDelegation - Selected subnet is not delegated for SQL Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagementServiceManagedServerDisabled - Operation failed since Managed Instance '{0}' is disabled. Please enable Managed Instance and try again.\n\n * 400 MiGeoRestoreWithWrongBackupStorageRedundancy - Geo-Restore is not allowed for managed instances with LRS/ZRS backup storage redundancy.\n\n * 400 LastBackupNameHasNewline - Please do not use forbidden characters ('\\n', '\\r') in lastBackupName.\n\n * 400 LastBackupNameHasNonAsciiCharacter - The operation was aborted because the 'LastBackupName' parameter contains invalid characters. Only ASCII characters are allowed.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 LRSCutoverDatabaseDoesNotExist - The operation was aborted because the database name specified in the request doesn't match any database name on the specified server.\n\n * 400 LRSCutoverDatabaseNotInRestoringState - The operation was aborted because the specified database is not in restoring state.\n\n * 400 LRSCutoverDatabaseAlreadyRestored - The operation was aborted because the specified database was already restored.\n\n * 400 LRSCutoverAlreadyInitiated - The operation was aborted because a cutover for the specified database is already in progress.\n\n * 400 ManagementServiceFeatureDisabled - User attempted to use a feature which is disabled.\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 UpdatingInstanceAndBackupRedundancy - Instance zone redundancy and backup storage redundancy cannot be updated in the same request.\n\n * 400 DeleteOfManagedInstanceIsDisabled - Delete operation of managed instance is disabled.\n\n * 400 RequestCantLandOnPaaSv2Platform - Request needs to land on PaaSv2 platform but PaaSv2 is not enabled.\n\n * 400 CustomMaintenanceWindowIsDisabled - Custom maintenance window is not enabled.\n\n * 400 DeleteOfVersion2VirtualClusterIsDisabled - Delete of virtual cluster with version 2 is not enabled.\n\n * 400 DeleteOfVirtualClusterIsDisabled - Delete of virtual cluster is not enabled.\n\n * 400 MICantBeMovedFromOrToInstancePool - Existing managed instance can't be moved to managed instance pool.\n\n * 400 DnsRefreshOnVirtualClusterIsDisabled - Refresh of DNS records on virtual cluster is not enabled.\n\n * 400 MismatchingResourceGroupNameWithUrl - The provided resource group name did not match the name in the Url.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 InvalidMinimalTlsVersion - Invalid minimal TLS version.\n\n * 400 InvalidResourceId - Invalid resource identifier.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 DeleteOfManagedInstanceIsDisabled - Delete operation of managed instance is disabled.\n\n * 400 CustomMaintenanceWindowIsDisabled - Custom maintenance window is not enabled.\n\n * 400 MICantBeMovedFromOrToInstancePool - Existing managed instance can't be moved to managed instance pool.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 InvalidExternalAdministratorLogin - Invalid or missing external administrator login name.\n\n * 400 InvalidExternalAdministratorSid - Invalid or missing external administrator object id.\n\n * 400 InvalidExternalAdministratorTenantId - Invalid or missing external administrator tenant id.\n\n * 400 ExternalAdministratorPrincipalType - Invalid or missing external administrator principal type. Please select from User, Application or Group.\n\n * 400 MissingExternalAdministratorWithAadOnlyAuth - In order to use Azure AD Only Authentication, please provide details of an external administrator.\n\n * 400 ExternalAdministratorLoginSameAsSqlAdmin - The names of the Azure Active Directory administrator and of the server admin account must be different. Please provide different values.\n\n * 400 InvalidMaintenanceWindowSettings - Invalid maintenance window settings.\n\n * 400 InvalidMaintenanceWindowProperty - Invalid maintenance window property was specified.\n\n * 400 InvalidMaintenanceWindowPropertyNull - Invalid maintenance window with required properties null.\n\n * 400 InvalidMaintenanceWindowTypeWithPropertySpecified - Maintenance window type must not have certain properties specified.\n\n * 400 UpdateOfParameterNotSupported - Update of '{0}' is not supported.\n\n * 400 MaintenancePolicyFeatureIsDisabled - Assigning customer maintenance policy is not enabled for provided subscription. Please use maintenanceConfigurationId property instead.\n\n * 400 MaintenancePolicyInvalidType - The provided value for w type is not valid. Please use one of the following values: SystemDefined, CustomerDefined.\n\n * 400 MaintenancePolicyInvalidMaintenanceConfigurationId - The provided value for maintenanceConfigurationId is not valid. Please check Public Maintenance Configuration list to get the list of available configurations.\n\n * 400 MaintenancePolicyInvalidStartHour - The provided value for startHour is not valid. Start time represents the hour of the day when maintenance event should start. Accepted values are 00-23. Please retry with appropriate value.\n\n * 400 MaintenancePolicyInvalidDayOfWeek - The provided value for dayOfWeek is not valid. Please use one of the following values: Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 ServerPrincipalCreateLoginBadSyntax - There was an Syntax Error when executing Create Login statement for Azure AD Administrator.\n\n * 400 ManagedInstanceIsBusy - Managed Instance is busy with another request.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 ServicePrincipalLookupInAadFailedIdentityForbidden - AzureAD Lookup failed because MSI was not granted read permissions on AAD.\n\n * 400 PrincipalNotFoundInTenant - AzureAD Lookup returned no results for this name.\n\n * 400 ServerPrincipalHasDuplicateDisplayNameInAad - AzureAD Lookup returned multiple results for this name.\n\n * 400 InvalidPrincipalType - This principal type is not supported in Windows Azure SQL Database.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 ServicePrincipalLookupInAadFailed - AzureAD Lookup failed due to service infrastructure errors.\n\n * 400 TenantNotFoundInActiveDirectory - Tenant is not available in active directory.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 ManagedInstanceHasNoPermissionsToAccessAad - Attempt to perform operation, which involves a non-existing login or login on which executing principal has no permissions.\n\n * 404 ManagedInstanceNotInSubscriptionResourceGroup - Specified managed instance does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 MiCreateFailedNonDelegatedSubnet - User tried to deploy Managed Instance or Managed Instance pool in subnet that is not delegated to Microsoft.Sql/managedInstances.\n\n * 409 InstancePoolBusy - An instance pool is busy with another ongoing operation\n\n * 409 ConflictingManagedInstanceOperation - An operation is currently in progress for the managed instance.\n\n * 409 BackupRedundancyUpdateAndInstanceRedundancyConflict - The instance is multi-az but backup storage is being updated from zone redundant to non-zone redundant.\n\n * 409 InstanceRedundancyUpdateWhileBackupRedundancyUpdateInProgress - Cannot update instance redundancy because backup storage redundancy update is in progress.\n\n * 409 InstanceRedundancyUpdateAndBackupRedundancyConflict - The backup storage is non-zone redundant but instance redundancy is being updated to zone redundant.\n\n * 409 BackupRedundancyUpdateConflict - Cannot update backup storage redundancy because a backup storage redundancy update is already in progress.\n\n * 409 MiDropFailedOnAuthLocks - User tried to drop last Managed Instance in subnet that has Lock applied on resource(s).\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 ServerPrincipalOwnsJobs - Attempt to remove a login when it has active jobs.\n\n * 409 ServerPrincipalOwnsObjects - Attempt to drop a login, which owns objects.\n\n * 409 ServerPrincipalIsGrantorOfPermissions - Attempt to drop a server principal, which is a grantor of permissions.\n\n * 409 ServerPrincipalOwnsDatabase - Change the owner of the database(s) before dropping the login.\n\n * 409 ServerPrincipalCurrentlyLoggedIn - Self-explanatory.\n\n * 409 ServerPrincipalAlreadyExists - Attempt to create server principal with non-unique name.\n\n * 409 ServerPrincipalUsedInTriggerOrEventNotification - Attempt to drop login, which is used as an execution context of a trigger or event notification.\n\n * 412 InstanceNotReadyForBackupRedundancyUpdate - Cannot update backup storage redundancy because the instance is not ready.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 500 ActiveDirectoryLookupTimedOut - The operation could not be completed at this time. Please try again later.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 SubnetMissingRequiredDelegation - Selected subnet is not delegated for SQL Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 ManagedInstanceSubnetNameIsReservedAndNotAllowed - Managed Instance can not be created with reserved subnet name. The following subnet names are reserved in Azure: AzureFirewallSubnet, AzureFirewallManagementSubnet, AzureBastionSubnet, and GatewaySubnet.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagementServiceManagedServerDisabled - Operation failed since Managed Instance '{0}' is disabled. Please enable Managed Instance and try again.\n\n * 400 MiGeoRestoreWithWrongBackupStorageRedundancy - Geo-Restore is not allowed for managed instances with LRS/ZRS backup storage redundancy.\n\n * 400 LastBackupNameHasNewline - Please do not use forbidden characters ('\\n', '\\r') in lastBackupName.\n\n * 400 LastBackupNameHasNonAsciiCharacter - The operation was aborted because the 'LastBackupName' parameter contains invalid characters. Only ASCII characters are allowed.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 LRSCutoverDatabaseDoesNotExist - The operation was aborted because the database name specified in the request doesn't match any database name on the specified server.\n\n * 400 LRSCutoverDatabaseNotInRestoringState - The operation was aborted because the specified database is not in restoring state.\n\n * 400 LRSCutoverDatabaseAlreadyRestored - The operation was aborted because the specified database was already restored.\n\n * 400 LRSCutoverAlreadyInitiated - The operation was aborted because a cutover for the specified database is already in progress.\n\n * 400 ManagementServiceFeatureDisabled - User attempted to use a feature which is disabled.\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 UpdatingInstanceAndBackupRedundancy - Instance zone redundancy and backup storage redundancy cannot be updated in the same request.\n\n * 400 DeleteOfManagedInstanceIsDisabled - Delete operation of managed instance is disabled.\n\n * 400 RequestCantLandOnPaaSv2Platform - Request needs to land on PaaSv2 platform but PaaSv2 is not enabled.\n\n * 400 CustomMaintenanceWindowIsDisabled - Custom maintenance window is not enabled.\n\n * 400 DeleteOfVersion2VirtualClusterIsDisabled - Delete of virtual cluster with version 2 is not enabled.\n\n * 400 DeleteOfVirtualClusterIsDisabled - Delete of virtual cluster is not enabled.\n\n * 400 MICantBeMovedFromOrToInstancePool - Existing managed instance can't be moved to managed instance pool.\n\n * 400 DnsRefreshOnVirtualClusterIsDisabled - Refresh of DNS records on virtual cluster is not enabled.\n\n * 400 MismatchingResourceGroupNameWithUrl - The provided resource group name did not match the name in the Url.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 InvalidMinimalTlsVersion - Invalid minimal TLS version.\n\n * 400 InvalidResourceId - Invalid resource identifier.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 DeleteOfManagedInstanceIsDisabled - Delete operation of managed instance is disabled.\n\n * 400 CustomMaintenanceWindowIsDisabled - Custom maintenance window is not enabled.\n\n * 400 MICantBeMovedFromOrToInstancePool - Existing managed instance can't be moved to managed instance pool.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 InvalidExternalAdministratorLogin - Invalid or missing external administrator login name.\n\n * 400 InvalidExternalAdministratorSid - Invalid or missing external administrator object id.\n\n * 400 InvalidExternalAdministratorTenantId - Invalid or missing external administrator tenant id.\n\n * 400 ExternalAdministratorPrincipalType - Invalid or missing external administrator principal type. Please select from User, Application or Group.\n\n * 400 MissingExternalAdministratorWithAadOnlyAuth - In order to use Azure AD Only Authentication, please provide details of an external administrator.\n\n * 400 ExternalAdministratorLoginSameAsSqlAdmin - The names of the Azure Active Directory administrator and of the server admin account must be different. Please provide different values.\n\n * 400 InvalidMaintenanceWindowSettings - Invalid maintenance window settings.\n\n * 400 InvalidMaintenanceWindowProperty - Invalid maintenance window property was specified.\n\n * 400 InvalidMaintenanceWindowPropertyNull - Invalid maintenance window with required properties null.\n\n * 400 InvalidMaintenanceWindowTypeWithPropertySpecified - Maintenance window type must not have certain properties specified.\n\n * 400 UpdateOfParameterNotSupported - Update of '{0}' is not supported.\n\n * 400 MaintenancePolicyFeatureIsDisabled - Assigning customer maintenance policy is not enabled for provided subscription. Please use maintenanceConfigurationId property instead.\n\n * 400 MaintenancePolicyInvalidType - The provided value for w type is not valid. Please use one of the following values: SystemDefined, CustomerDefined.\n\n * 400 MaintenancePolicyInvalidMaintenanceConfigurationId - The provided value for maintenanceConfigurationId is not valid. Please check Public Maintenance Configuration list to get the list of available configurations.\n\n * 400 MaintenancePolicyInvalidStartHour - The provided value for startHour is not valid. Start time represents the hour of the day when maintenance event should start. Accepted values are 00-23. Please retry with appropriate value.\n\n * 400 MaintenancePolicyInvalidDayOfWeek - The provided value for dayOfWeek is not valid. Please use one of the following values: Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 ServerPrincipalCreateLoginBadSyntax - There was an Syntax Error when executing Create Login statement for Azure AD Administrator.\n\n * 400 ManagedInstanceIsBusy - Managed Instance is busy with another request.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 ServicePrincipalLookupInAadFailedIdentityForbidden - AzureAD Lookup failed because MSI was not granted read permissions on AAD.\n\n * 400 PrincipalNotFoundInTenant - AzureAD Lookup returned no results for this name.\n\n * 400 ServerPrincipalHasDuplicateDisplayNameInAad - AzureAD Lookup returned multiple results for this name.\n\n * 400 InvalidPrincipalType - This principal type is not supported in Windows Azure SQL Database.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 ServicePrincipalLookupInAadFailed - AzureAD Lookup failed due to service infrastructure errors.\n\n * 400 TenantNotFoundInActiveDirectory - Tenant is not available in active directory.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 ManagedInstanceHasNoPermissionsToAccessAad - Attempt to perform operation, which involves a non-existing login or login on which executing principal has no permissions.\n\n * 404 ManagedInstanceNotInSubscriptionResourceGroup - Specified managed instance does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 MiCreateFailedNonDelegatedSubnet - User tried to deploy Managed Instance or Managed Instance pool in subnet that is not delegated to Microsoft.Sql/managedInstances.\n\n * 409 InstancePoolBusy - An instance pool is busy with another ongoing operation\n\n * 409 ConflictingManagedInstanceOperation - An operation is currently in progress for the managed instance.\n\n * 409 BackupRedundancyUpdateAndInstanceRedundancyConflict - The instance is multi-az but backup storage is being updated from zone redundant to non-zone redundant.\n\n * 409 InstanceRedundancyUpdateWhileBackupRedundancyUpdateInProgress - Cannot update instance redundancy because backup storage redundancy update is in progress.\n\n * 409 InstanceRedundancyUpdateAndBackupRedundancyConflict - The backup storage is non-zone redundant but instance redundancy is being updated to zone redundant.\n\n * 409 BackupRedundancyUpdateConflict - Cannot update backup storage redundancy because a backup storage redundancy update is already in progress.\n\n * 409 MiDropFailedOnAuthLocks - User tried to drop last Managed Instance in subnet that has Lock applied on resource(s).\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 ServerPrincipalOwnsJobs - Attempt to remove a login when it has active jobs.\n\n * 409 ServerPrincipalOwnsObjects - Attempt to drop a login, which owns objects.\n\n * 409 ServerPrincipalIsGrantorOfPermissions - Attempt to drop a server principal, which is a grantor of permissions.\n\n * 409 ServerPrincipalOwnsDatabase - Change the owner of the database(s) before dropping the login.\n\n * 409 ServerPrincipalCurrentlyLoggedIn - Self-explanatory.\n\n * 409 ServerPrincipalAlreadyExists - Attempt to create server principal with non-unique name.\n\n * 409 ServerPrincipalUsedInTriggerOrEventNotification - Attempt to drop login, which is used as an execution context of a trigger or event notification.\n\n * 412 InstanceNotReadyForBackupRedundancyUpdate - Cannot update backup storage redundancy because the instance is not ready.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 500 ActiveDirectoryLookupTimedOut - The operation could not be completed at this time. Please try again later.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -899,7 +899,7 @@ "description": "Successfully initiated the validation of the customer managed key." }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 InvalidManagedInstanceValidateAzureKeyVaultEncryptionKeyRequest - Validate Azure Key Vault Encryption Key request body is empty or invalid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 InvalidManagedInstanceValidateAzureKeyVaultEncryptionKeyRequest - Validate Azure Key Vault Encryption Key request body is empty or invalid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/NetworkSecurityPerimeterConfigurations.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/NetworkSecurityPerimeterConfigurations.json index 8609acd3310c..bece344b642c 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/NetworkSecurityPerimeterConfigurations.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/NetworkSecurityPerimeterConfigurations.json @@ -45,7 +45,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 NullResource - Request body is empty\n\n * 400 NullProperties - Properties collection is not included in request body\n\n * 400 NullNSP - NetworkSecurityPerimeter property is not present in request body\n\n * 400 NullNSPId - NetworkSecurityPerimeter is missing the ID property\n\n * 400 MalformedNSPId - NetworkSecurityPerimeter ID is not correctly formatted\n\n * 400 NullNSPImmutableId - NetworkSecurityPerimeter is missing the ImmutableId property\n\n * 400 MalformedNSPImmutableId - NetworkSecurityPerimeter Immutable ID is not a GUID\n\n * 400 NullLocation - NetworkSecurityPerimeter is missing the location property\n\n * 400 NullNetworkProfile - NetworkProfile is not present in the request body\n\n * 400 NullNetworkProfileName - NetworkProfile is missing the Name property\n\n * 400 NullAccessMode - Access Mode is not present in the request body\n\n * 400 InvalidAccessMode - Supported Access Modes are enforced, audit and learning\n\n * 400 InvalidClient - Client with id '{0}' is not allowed to interact with this resource\n\n * 400 TooManyAssociations - A SQL Server may only be associated with one NSP\n\n * 400 MalformedAssociationProxyName - AssociationProxy name is not formed like {perimeterGuid}.{associationName}\n\n * 404 AssociationNotFound - This SQL Server is not associated with any NSP\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 409 OnlyOneAssociationPerServer - A SQL Server may only be associated with one NSP\n\n * 409 AssociationBlockedIfDedicatedPoolExists - A SQL server cannot be associated with a network security perimeter if it contains one or more dedicated SQL pools (formerly SQL DW). For more information, see https://go.microsoft.com/fwlink/?linkid=2324168 .", + "description": "*** Error Responses: ***\n\n * 400 NullResource - Request body is empty\n\n * 400 NullProperties - Properties collection is not included in request body\n\n * 400 NullNSP - NetworkSecurityPerimeter property is not present in request body\n\n * 400 NullNSPId - NetworkSecurityPerimeter is missing the ID property\n\n * 400 MalformedNSPId - NetworkSecurityPerimeter ID is not correctly formatted\n\n * 400 NullNSPImmutableId - NetworkSecurityPerimeter is missing the ImmutableId property\n\n * 400 MalformedNSPImmutableId - NetworkSecurityPerimeter Immutable ID is not a GUID\n\n * 400 NullLocation - NetworkSecurityPerimeter is missing the location property\n\n * 400 NullNetworkProfile - NetworkProfile is not present in the request body\n\n * 400 NullNetworkProfileName - NetworkProfile is missing the Name property\n\n * 400 NullAccessMode - Access Mode is not present in the request body\n\n * 400 InvalidAccessMode - Supported Access Modes are enforced, audit and learning\n\n * 400 InvalidClient - Client with id '{0}' is not allowed to interact with this resource\n\n * 400 TooManyAssociations - A SQL Server may only be associated with one NSP\n\n * 400 MalformedAssociationProxyName - AssociationProxy name is not formed like {perimeterGuid}.{associationName}\n\n * 404 AssociationNotFound - This SQL Server is not associated with any NSP\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 409 OnlyOneAssociationPerServer - A SQL Server may only be associated with one NSP\n\n * 409 AssociationBlockedIfDedicatedPoolExists - A SQL server cannot be associated with a network security perimeter if it contains one or more existing or recently deleted dedicated SQL pools (formerly SQL DW). For more information, see https://go.microsoft.com/fwlink/?linkid=2324168.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -96,7 +96,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 NullResource - Request body is empty\n\n * 400 NullProperties - Properties collection is not included in request body\n\n * 400 NullNSP - NetworkSecurityPerimeter property is not present in request body\n\n * 400 NullNSPId - NetworkSecurityPerimeter is missing the ID property\n\n * 400 MalformedNSPId - NetworkSecurityPerimeter ID is not correctly formatted\n\n * 400 NullNSPImmutableId - NetworkSecurityPerimeter is missing the ImmutableId property\n\n * 400 MalformedNSPImmutableId - NetworkSecurityPerimeter Immutable ID is not a GUID\n\n * 400 NullLocation - NetworkSecurityPerimeter is missing the location property\n\n * 400 NullNetworkProfile - NetworkProfile is not present in the request body\n\n * 400 NullNetworkProfileName - NetworkProfile is missing the Name property\n\n * 400 NullAccessMode - Access Mode is not present in the request body\n\n * 400 InvalidAccessMode - Supported Access Modes are enforced, audit and learning\n\n * 400 InvalidClient - Client with id '{0}' is not allowed to interact with this resource\n\n * 400 TooManyAssociations - A SQL Server may only be associated with one NSP\n\n * 400 MalformedAssociationProxyName - AssociationProxy name is not formed like {perimeterGuid}.{associationName}\n\n * 404 AssociationNotFound - This SQL Server is not associated with any NSP\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 409 OnlyOneAssociationPerServer - A SQL Server may only be associated with one NSP\n\n * 409 AssociationBlockedIfDedicatedPoolExists - A SQL server cannot be associated with a network security perimeter if it contains one or more dedicated SQL pools (formerly SQL DW). For more information, see https://go.microsoft.com/fwlink/?linkid=2324168 .", + "description": "*** Error Responses: ***\n\n * 400 NullResource - Request body is empty\n\n * 400 NullProperties - Properties collection is not included in request body\n\n * 400 NullNSP - NetworkSecurityPerimeter property is not present in request body\n\n * 400 NullNSPId - NetworkSecurityPerimeter is missing the ID property\n\n * 400 MalformedNSPId - NetworkSecurityPerimeter ID is not correctly formatted\n\n * 400 NullNSPImmutableId - NetworkSecurityPerimeter is missing the ImmutableId property\n\n * 400 MalformedNSPImmutableId - NetworkSecurityPerimeter Immutable ID is not a GUID\n\n * 400 NullLocation - NetworkSecurityPerimeter is missing the location property\n\n * 400 NullNetworkProfile - NetworkProfile is not present in the request body\n\n * 400 NullNetworkProfileName - NetworkProfile is missing the Name property\n\n * 400 NullAccessMode - Access Mode is not present in the request body\n\n * 400 InvalidAccessMode - Supported Access Modes are enforced, audit and learning\n\n * 400 InvalidClient - Client with id '{0}' is not allowed to interact with this resource\n\n * 400 TooManyAssociations - A SQL Server may only be associated with one NSP\n\n * 400 MalformedAssociationProxyName - AssociationProxy name is not formed like {perimeterGuid}.{associationName}\n\n * 404 AssociationNotFound - This SQL Server is not associated with any NSP\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 409 OnlyOneAssociationPerServer - A SQL Server may only be associated with one NSP\n\n * 409 AssociationBlockedIfDedicatedPoolExists - A SQL server cannot be associated with a network security perimeter if it contains one or more existing or recently deleted dedicated SQL pools (formerly SQL DW). For more information, see https://go.microsoft.com/fwlink/?linkid=2324168.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -144,7 +144,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 AssociationNotFound - This SQL Server is not associated with any NSP\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 OnlyOneAssociationPerServer - A SQL Server may only be associated with one NSP\n\n * 409 AssociationBlockedIfDedicatedPoolExists - A SQL server cannot be associated with a network security perimeter if it contains one or more dedicated SQL pools (formerly SQL DW). For more information, see https://go.microsoft.com/fwlink/?linkid=2324168 .\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 AssociationNotFound - This SQL Server is not associated with any NSP\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 OnlyOneAssociationPerServer - A SQL Server may only be associated with one NSP\n\n * 409 AssociationBlockedIfDedicatedPoolExists - A SQL server cannot be associated with a network security perimeter if it contains one or more existing or recently deleted dedicated SQL pools (formerly SQL DW). For more information, see https://go.microsoft.com/fwlink/?linkid=2324168.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ServerKeys.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ServerKeys.json index eb1770462f7b..9ee36f0fc029 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ServerKeys.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ServerKeys.json @@ -156,7 +156,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -218,7 +218,7 @@ "description": "Successfully deleted the server key." }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidKeyName - An invalid value was given for the server key name.\n\n * 400 InvalidKeyType - The create server key type is not supported.\n\n * 400 InvalidUpsertKeyType - Service-managed TDE keys are managed by the service. Service-managed TDE keys don't support Create or Update by the user.\n\n * 400 InvalidKeyUpsertRequest - The create server key request does not exist or has no properties object.\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ServerTrustCertificates.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ServerTrustCertificates.json index 47d334868175..5ef0972d89fb 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ServerTrustCertificates.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/ServerTrustCertificates.json @@ -97,7 +97,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 ManagedInstanceSubnetNameIsReservedAndNotAllowed - Managed Instance can not be created with reserved subnet name. The following subnet names are reserved in Azure: AzureFirewallSubnet, AzureFirewallManagementSubnet, AzureBastionSubnet, and GatewaySubnet.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -153,7 +153,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 MissingPublicBlob - The public blob is missing.\n\n * 400 InvalidPublicBlob - Invalid public blob specified, reason: '{0}'.\n\n * 400 MissingCertificateName - The certificate name is missing.\n\n * 400 CertificateAlreadyExists - A certificate with a given name already exists or this certificate already has been added to the database.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 ManagedInstanceSubnetNameIsReservedAndNotAllowed - Managed Instance can not be created with reserved subnet name. The following subnet names are reserved in Azure: AzureFirewallSubnet, AzureFirewallManagementSubnet, AzureBastionSubnet, and GatewaySubnet.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 MissingPublicBlob - The public blob is missing.\n\n * 400 InvalidPublicBlob - Invalid public blob specified, reason: '{0}'.\n\n * 400 MissingCertificateName - The certificate name is missing.\n\n * 400 CertificateAlreadyExists - A certificate with a given name already exists or this certificate already has been added to the database.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -212,7 +212,7 @@ "description": "Certificate successfully deleted." }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 MissingCertificateName - The certificate name is missing.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 ManagedInstanceSubnetNameIsReservedAndNotAllowed - Managed Instance can not be created with reserved subnet name. The following subnet names are reserved in Azure: AzureFirewallSubnet, AzureFirewallManagementSubnet, AzureBastionSubnet, and GatewaySubnet.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 MissingCertificateName - The certificate name is missing.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/Servers.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/Servers.json index 50c2c3148e7c..75eeeb008fd2 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/Servers.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/Servers.json @@ -256,7 +256,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 NameAlreadyExistsSoftDeleted - The server name requested is taken by a server in soft deleted state. Purge or recover the server to unblock. \n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 PECsNotExistingToDenyPublicNetworkAccess - Unable to set Deny Public Network Access to Yes since there is no private endpoint enabled to access the server. Please set up private endpoints and retry the operation (https://docs.microsoft.com/azure/sql-database/sql-database-private-endpoint-overview#how-to-set-up-private-link-for-azure-sql-database).\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 Ipv6FeatureNotEnabled - User tried to turn on Ipv6 support on the server without enabling feature flag on subscription, or the feature support is currently disabled in the region.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 InvalidMinimalTlsVersion - Invalid minimal TLS version.\n\n * 400 InvalidExternalAdministratorLogin - Invalid or missing external administrator login name.\n\n * 400 InvalidExternalAdministratorSid - Invalid or missing external administrator object id.\n\n * 400 InvalidExternalAdministratorTenantId - Invalid or missing external administrator tenant id.\n\n * 400 ExternalAdministratorPrincipalType - Invalid or missing external administrator principal type. Please select from User, Application or Group.\n\n * 400 MissingExternalAdministratorWithAadOnlyAuth - In order to use Azure AD Only Authentication, please provide details of an external administrator.\n\n * 400 ExternalAdministratorLoginSameAsSqlAdmin - The names of the Azure Active Directory administrator and of the server admin account must be different. Please provide different values.\n\n * 400 ServerAdministratorNameAlreadyExists - User tried to set the external admin and the principal name already exists in the 'master' database.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 UpsertLogicalServerRequestAlreadyInProgress - An ongoing logical server request is already in progress, please try your request again later.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 NameAlreadyExistsSoftDeleted - The server name requested is taken by a server in soft deleted state. Purge or recover the server to unblock. \n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 PECsNotExistingToDenyPublicNetworkAccess - Unable to set Deny Public Network Access to Yes since there is no private endpoint enabled to access the server. Please set up private endpoints and retry the operation (https://docs.microsoft.com/azure/sql-database/sql-database-private-endpoint-overview#how-to-set-up-private-link-for-azure-sql-database).\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 Ipv6FeatureNotEnabled - User tried to turn on Ipv6 support on the server without enabling feature flag on subscription, or the feature support is currently disabled in the region.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 InvalidMinimalTlsVersion - Invalid minimal TLS version.\n\n * 400 InvalidExternalAdministratorLogin - Invalid or missing external administrator login name.\n\n * 400 InvalidExternalAdministratorSid - Invalid or missing external administrator object id.\n\n * 400 InvalidExternalAdministratorTenantId - Invalid or missing external administrator tenant id.\n\n * 400 ExternalAdministratorPrincipalType - Invalid or missing external administrator principal type. Please select from User, Application or Group.\n\n * 400 MissingExternalAdministratorWithAadOnlyAuth - In order to use Azure AD Only Authentication, please provide details of an external administrator.\n\n * 400 ExternalAdministratorLoginSameAsSqlAdmin - The names of the Azure Active Directory administrator and of the server admin account must be different. Please provide different values.\n\n * 400 ServerAdministratorNameAlreadyExists - User tried to set the external admin and the principal name already exists in the 'master' database.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 UpsertLogicalServerRequestAlreadyInProgress - An ongoing logical server request is already in progress, please try your request again later.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -308,7 +308,7 @@ "description": "Successfully deleted the server." }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 DropLogicalServerAlreadyInProgress - Server is already being dropped.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 DropLogicalServerAlreadyInProgress - Server is already being dropped.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -369,7 +369,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 NameAlreadyExistsSoftDeleted - The server name requested is taken by a server in soft deleted state. Purge or recover the server to unblock. \n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 PECsNotExistingToDenyPublicNetworkAccess - Unable to set Deny Public Network Access to Yes since there is no private endpoint enabled to access the server. Please set up private endpoints and retry the operation (https://docs.microsoft.com/azure/sql-database/sql-database-private-endpoint-overview#how-to-set-up-private-link-for-azure-sql-database).\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 Ipv6FeatureNotEnabled - User tried to turn on Ipv6 support on the server without enabling feature flag on subscription, or the feature support is currently disabled in the region.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 InvalidMinimalTlsVersion - Invalid minimal TLS version.\n\n * 400 InvalidExternalAdministratorLogin - Invalid or missing external administrator login name.\n\n * 400 InvalidExternalAdministratorSid - Invalid or missing external administrator object id.\n\n * 400 InvalidExternalAdministratorTenantId - Invalid or missing external administrator tenant id.\n\n * 400 ExternalAdministratorPrincipalType - Invalid or missing external administrator principal type. Please select from User, Application or Group.\n\n * 400 MissingExternalAdministratorWithAadOnlyAuth - In order to use Azure AD Only Authentication, please provide details of an external administrator.\n\n * 400 ExternalAdministratorLoginSameAsSqlAdmin - The names of the Azure Active Directory administrator and of the server admin account must be different. Please provide different values.\n\n * 400 ServerAdministratorNameAlreadyExists - User tried to set the external admin and the principal name already exists in the 'master' database.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 UpsertLogicalServerRequestAlreadyInProgress - An ongoing logical server request is already in progress, please try your request again later.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 NameAlreadyExistsSoftDeleted - The server name requested is taken by a server in soft deleted state. Purge or recover the server to unblock. \n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 PECsNotExistingToDenyPublicNetworkAccess - Unable to set Deny Public Network Access to Yes since there is no private endpoint enabled to access the server. Please set up private endpoints and retry the operation (https://docs.microsoft.com/azure/sql-database/sql-database-private-endpoint-overview#how-to-set-up-private-link-for-azure-sql-database).\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 Ipv6FeatureNotEnabled - User tried to turn on Ipv6 support on the server without enabling feature flag on subscription, or the feature support is currently disabled in the region.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 AadOnlyAuthenticationIsEnabled - Azure Active Directory Only Authentication is enabled. Please contact your system administrator.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 InvalidMinimalTlsVersion - Invalid minimal TLS version.\n\n * 400 InvalidExternalAdministratorLogin - Invalid or missing external administrator login name.\n\n * 400 InvalidExternalAdministratorSid - Invalid or missing external administrator object id.\n\n * 400 InvalidExternalAdministratorTenantId - Invalid or missing external administrator tenant id.\n\n * 400 ExternalAdministratorPrincipalType - Invalid or missing external administrator principal type. Please select from User, Application or Group.\n\n * 400 MissingExternalAdministratorWithAadOnlyAuth - In order to use Azure AD Only Authentication, please provide details of an external administrator.\n\n * 400 ExternalAdministratorLoginSameAsSqlAdmin - The names of the Azure Active Directory administrator and of the server admin account must be different. Please provide different values.\n\n * 400 ServerAdministratorNameAlreadyExists - User tried to set the external admin and the principal name already exists in the 'master' database.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 409 UpsertLogicalServerRequestAlreadyInProgress - An ongoing logical server request is already in progress, please try your request again later.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -429,7 +429,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 MissingImportExportInputParameters - Missing ImportExport input parameters.\n\n * 400 InvalidImportExportInputParameter - The import/export request failed due to an invalid input parameter.\n\n * 400 PolybaseImportAuthenticationTypeNotSupported - Authentication type parameter is not support for PolybaseImport operation.\n\n * 400 DatabaseExtensionsInvalidOperationMode - Invalid operationMode parameter for database extension.\n\n * 400 DatabaseExtensionsInvalidStorageKeyType - The storage key type must by 'StorageAccessKey'.\n\n * 400 DatabaseExtensionsMissingStorageUri - Storage URI cannot be empty.\n\n * 400 SQLPasswordSpecifiedWithManagedIdentity - administratorLoginPassword should not be specified if authenticationType is ManagedIdentity.\n\n * 400 InvalidSqlAuthType - ImportExport operation failed because the sql authentication type is invalid\n\n * 400 BlobAlreadyExist - ImportExport operation failed because the storage blob is already exists\n\n * 400 InvalidImportExportOperationResourceLocks - The Import/Export request is invalid due to locks on the Private Link resources.\n\n * 400 DatabaseInvalidSkuPropertyCombination - The properties of the requested sku are inconsistent. Please check that a valid combination is specified. See https://docs.microsoft.com/en-us/rest/api/sql/capabilities/listbylocation#serviceobjectivecapability for more details.\n\n * 400 ImportExportJobError - The ImportExport operation has failed.\n\n * 400 BlockedByOutboundFirewall - The outbound firewall rules blocked the request.\n\n * 400 InvalidOperationType - Provide a valid operation type.\n\n * 400 InvalidMaxSizeTierCombination - The specified tier does not support the specified database max size.\n\n * 400 InvalidTier - The user specified an invalid tier.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidImportExportParameter - The Import/Export request failed due to an invalid input parameter.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 InvalidTierSkuCombination - The specified tier does not support the specified sku.\n\n * 400 InvalidImportExportStorageCredentials - Import/Export operation failed due to invalid storage credentials\n\n * 400 InvalidImportExportStorageAuthType - Import/Export operation failed due to invalid storage auth type\n\n * 400 InvalidImportExportStorageKeyFormat - Import/Export operation failed due to invalid storage key format\n\n * 400 LongImportExportStorageUri - Import/Export operation failed due to long storage URI\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 LargeExportDatabaseSize - Export operation failed because database is larger than max supported size\n\n * 400 UnSupportedImportExportEdition - ImportExport operation failed because it is targeting a invalid edition\n\n * 400 InvalidImportExportStorageURI - ImportExport operation failed because storage URI is invalid\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ResourceNotFound - Invalid request specifying a non-existent resource.\n\n * 404 ImportExportOperationIdNotFound - The operation Id for import or export cannot be found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ImportExportOperationInProgress - There is an import or export operation in progress on the database.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 MissingImportExportInputParameters - Missing ImportExport input parameters.\n\n * 400 InvalidImportExportInputParameter - The import/export request failed due to an invalid input parameter.\n\n * 400 PolybaseImportAuthenticationTypeNotSupported - Authentication type parameter is not support for PolybaseImport operation.\n\n * 400 DatabaseExtensionsInvalidOperationMode - Invalid operationMode parameter for database extension.\n\n * 400 DatabaseExtensionsInvalidStorageKeyType - The storage key type must by 'StorageAccessKey'.\n\n * 400 DatabaseExtensionsMissingStorageUri - Storage URI cannot be empty.\n\n * 400 SQLPasswordSpecifiedWithManagedIdentity - administratorLoginPassword should not be specified if authenticationType is ManagedIdentity.\n\n * 400 InvalidSqlAuthType - ImportExport operation failed because the sql authentication type is invalid\n\n * 400 BlobAlreadyExist - ImportExport operation failed because the storage blob is already exists\n\n * 400 InvalidImportExportOperationResourceLocks - The Import/Export request is invalid due to locks on the Private Link resources.\n\n * 400 DatabaseInvalidSkuPropertyCombination - The properties of the requested sku are inconsistent. Please check that a valid combination is specified. See https://docs.microsoft.com/en-us/rest/api/sql/capabilities/listbylocation#serviceobjectivecapability for more details.\n\n * 400 ImportExportJobError - The ImportExport operation has failed.\n\n * 400 BlockedByOutboundFirewall - The outbound firewall rules blocked the request.\n\n * 400 InvalidOperationType - Provide a valid operation type.\n\n * 400 InvalidMaxSizeTierCombination - The specified tier does not support the specified database max size.\n\n * 400 InvalidTier - The user specified an invalid tier.\n\n * 400 CannotUseReservedDatabaseName - Cannot use reserved database name in this operation.\n\n * 400 InvalidImportExportParameter - The Import/Export request failed due to an invalid input parameter.\n\n * 400 InvalidSku - The user specified an invalid sku.\n\n * 400 InvalidTierSkuCombination - The specified tier does not support the specified sku.\n\n * 400 InvalidImportExportStorageCredentials - Import/Export operation failed due to invalid storage credentials\n\n * 400 InvalidImportExportStorageAuthType - Import/Export operation failed due to invalid storage auth type\n\n * 400 InvalidImportExportStorageKeyFormat - Import/Export operation failed due to invalid storage key format\n\n * 400 LongImportExportStorageUri - Import/Export operation failed due to long storage URI\n\n * 400 LargeExportDatabaseSize - Export operation failed because database is larger than max supported size\n\n * 400 FeatureDisabledOnSelectedEdition - User attempted to use a feature which is disabled on current database edition.\n\n * 400 UnSupportedImportExportEdition - ImportExport operation failed because it is targeting a invalid edition\n\n * 400 InvalidImportExportStorageURI - ImportExport operation failed because storage URI is invalid\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ResourceNotFound - Invalid request specifying a non-existent resource.\n\n * 404 ImportExportOperationIdNotFound - The operation Id for import or export cannot be found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ImportExportOperationInProgress - There is an import or export operation in progress on the database.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -457,6 +457,51 @@ } } }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/importExportOperationResults": { + "get": { + "tags": [ + "Servers" + ], + "description": "Gets a list of server import export operation results.", + "operationId": "Servers_ListByServer", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupParameter" + }, + { + "$ref": "#/parameters/ServerNameParameter" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the list of server import export operation results.", + "schema": { + "$ref": "#/definitions/ServerImportExportOperationListResult" + } + }, + "default": { + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "Gets a list of server level import export operation results.": { + "$ref": "./examples/GetImportExportOperationResultsByServer.json" + } + } + } + }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/refreshExternalGovernanceStatus": { "post": { "tags": [ @@ -486,7 +531,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -1004,6 +1049,101 @@ } } }, + "ServerImportExportOperationListResult": { + "description": "A list of server import export operation results.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/ServerImportExportOperationResult" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } + } + }, + "ServerImportExportOperationResult": { + "description": "A Server ImportExport operation result resource.", + "type": "object", + "allOf": [ + { + "$ref": "../../../common/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { + "properties": { + "$ref": "#/definitions/ServerImportExportOperationResultProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } + }, + "ServerImportExportOperationResultProperties": { + "description": "Contains the operation result properties for import/export operation.", + "type": "object", + "properties": { + "requestId": { + "format": "uuid", + "description": "Request Id.", + "type": "string", + "readOnly": true + }, + "requestType": { + "description": "Request type.", + "type": "string", + "readOnly": true + }, + "queuedTime": { + "description": "Queued time.", + "type": "string", + "readOnly": true + }, + "lastModifiedTime": { + "description": "Last modified time.", + "type": "string", + "readOnly": true + }, + "blobUri": { + "description": "Blob Uri.", + "type": "string", + "readOnly": true + }, + "serverName": { + "description": "Server name.", + "type": "string", + "readOnly": true + }, + "databaseName": { + "description": "Database name.", + "type": "string", + "readOnly": true + }, + "status": { + "description": "Operation status.", + "type": "string", + "readOnly": true + }, + "errorMessage": { + "description": "Error message.", + "type": "string", + "readOnly": true + }, + "privateEndpointConnections": { + "description": "Gets the status of private endpoints associated with this request.", + "type": "array", + "items": { + "$ref": "#/definitions/PrivateEndpointConnectionRequestStatus" + }, + "readOnly": true + } + } + }, "ServerListResult": { "description": "A list of servers.", "type": "object", @@ -1194,11 +1334,10 @@ ], "type": "string", "x-ms-enum": { - "name": "ServerCreateMode", + "name": "createMode", "modelAsString": true }, "x-ms-mutability": [ - "read", "create" ] } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/TimeZones.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/TimeZones.json index 4a173740614c..f428c477e7d6 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/TimeZones.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/TimeZones.json @@ -45,7 +45,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 ManagedInstanceSubnetNameIsReservedAndNotAllowed - Managed Instance can not be created with reserved subnet name. The following subnet names are reserved in Azure: AzureFirewallSubnet, AzureFirewallManagementSubnet, AzureBastionSubnet, and GatewaySubnet.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -96,7 +96,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", + "description": "*** Error Responses: ***\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInCreateOfMI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the create operation.\n\n * 400 UnspecifiedTargetEditionAndTrueGPV2NotAllowedInUpdateOfGPV1MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value TRUE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V1 Managed Instance.\n\n * 400 UnspecifiedTargetEditionAndFalseGPV2NotAllowedInUpdateOfGPV2MI - Combination of unspecified target edition (sku.name/sku.tier parameters) and the value FALSE for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 NameAlreadyExists - The provided name already exists.\n\n * 400 GPTargetEditionAndUnspecifiedGPV2NotAllowedInUpdateOFGPV2MI - Combination of General Purpose target edition (sku.name/sku.tier parameters) and unspecified value for the isGeneralPurposeV2 parameter is not allowed in the update operation of General Purpose V2 Managed Instance.\n\n * 400 InvalidCollation - Invalid collation.\n\n * 400 ProvisioningDisabled - Displays error message from resources operation authorizer as is, without changes\n\n * 400 BCTargetEditionAndSpecifiedGPV2ParamNotAllowedInCreateUpdateOfMI - Combination of Business Critical target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the create/update operation.\n\n * 400 UnspecifiedTargetEditionAndSpecifiedGPV2ParamNotAllowedInUpdateOfBCMI - Combination of unspecified target edition (sku.name/sku.tier parameters) with a specified isGeneralPurposeV2 parameter is not allowed in the update operation of Business Critical Managed Instance.\n\n * 400 RegionDoesNotAllowProvisioning - The selected location is not accepting new Windows Azure SQL Database servers. This may change at a later time.\n\n * 400 MemorySizeInGBNotSupported - Memory size in GB parameter is not allowed in the instance create/update operation.\n\n * 400 MemorySizeInGBNotSupportedForSpecifiedEdition - Memory size in GB parameter is not allowed in the instance create/update operation for the specified service tier or hardware generation.\n\n * 400 InvalidSubnetForGPV2Edition - General Purpose v2 edition of Managed Instance is not compatible with the specified subnet. Target subnet must be either empty, or all instances in it must run with November 2022 Feature Wave.\n\n * 400 MemorySizeInGBInvalidLimit - The specified memory value is invalid. Please ensure the memory size in GB is within the allowable range of 28 to 870 and corresponds appropriately to the number of vCores and service tier. The available memory sizes for the selected vCores and service tier are {0}. For details around resource limits visit: https://go.microsoft.com/fwlink/?linkid=2293407\n\n * 400 UnableToResolveRemoteServer - The remote partner server name could not be resolved due to an invalid server name or DNS connectivity issues.\n\n * 400 ManagedInstanceUpdateSloGPv2PerDatabaseFileLimitExceeded - The operation could not be completed because there is at least one database whose number of files is exceeding the limit of {0} files per database on General Purpose v2 edition.\n\n * 400 NextGenGPNotSupportedForCmwCustomers - Next-Gen General Purpose edition of Managed Instance does not support Custom Maintenance Window.\n\n * 400 HkCannotSwitchToInactive - The database cannot proceed with pricing-tier update as it has memory-optimized objects. Please drop such objects and try again.\n\n * 400 TokenTooLong - The provided token is too long.\n\n * 400 ManagedInstanceFreemiumNotAvailableForInputParameters - Managed instance creation or update executed with SLO that is not allowed for freemium.\n\n * 400 ManagedInstanceFreemiumNotAvailableOnRegion - Creation of a freemium managed instance on a region that is not allowlisted for freemium.\n\n * 400 ManagementServiceSubnetMaintenanceInProgress - User tried to initiate managed instance create/update while incompatible maintenance is in progress.\n\n * 400 ManagedInstanceFreemiumNotAvailableForSubscription - Freemium is not enabled for this subscription type.\n\n * 400 ManagedInstanceInvalidEditionForInstancePool - User tried to select invalid service tier for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidSubnetForInstancePool - User tried to select invalid subnet for managed instance inside an existing instance pool.\n\n * 400 CloudLifterUnsupportedFeature - The functionality is not available on the Managed Instance at this time.\n\n * 400 ManagedInstanceSloUpdateFailed - SLO '{0}' operation cannot succeed as the memory usage of '{1}' exceeds the quota.\n\n * 400 OperationCanNotStartDueToMiLink - The '{0}' operation cannot be completed as there exists a database in a process of creation through Managed Instance link. Please wait for the link creation to complete, or delete the link, and retry the operation again.\n\n * 400 ManagedInstanceInvalidHardwareFamilyForInstancePool - User tried to select invalid hardware family for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceInvalidLicenseTypeForInstancePool - User tried to select invalid license type for managed instance inside an existing instance pool.\n\n * 400 ManagedInstanceLocalStorageUpdateSloDisabled - Update SLO for managed instances with local storage is not supported yet.\n\n * 400 ManagedInstanceUpdateSloFromVersionlessToVersionedNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 ManagedInstanceUpdateSloFromNewerToOlderVersionEditionNotAllowed - Changing the database format from '{0}' to '{1}' is not supported. Check the database format property value specified and visit https://aka.ms/sqlmidatabaseformat for more details.\n\n * 400 InvalidSubnetResourceId - The provided subnet resource ID for the managed instance create or update is invalid.\n\n * 400 ManagedInstanceUpdateSloFromVersionedToVersionlessWorkerCLNotAllowed - Changing the database format is not supported for this managed instance. Check the database format property value specified and visit https://aka.ms/sqlmi-fwnov2022 for more details.\n\n * 400 ManagedInstanceVersionEditionParameterNotAllowedForUsing - Specifying the database format property value is not supported at this time.\n\n * 400 ManagedInstanceFreemiumInvalidArchitecture - A freemium instance can not be created in the specified subnet '(0)'.\n\n * 400 ManagedInstanceWithGeoDRMoveToInstancePoolNotAllowed - Customer has attempted to move a standalone Managed Instance with an existing auto-failover group configured into an instance pool, which is not supported. Only standalone instances without existing auto-failover groups configured can be moved to instance pools.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerRegion - Creation of ZoneRedundant SQL MI is temporarily disabled on this region. You can create Zone Redundant SQL Managed Instances in many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 VnetInWrongRegion - Virtual network is in wrong region.\n\n * 400 ManagedInstanceZoneRedudantFeatureTemporarilyDisabledPerHardwareGeneration - Creation of ZoneRedundant SQL MI is temporarily disabled for this hardware generation on this region. You can create Zone Redundant SQL Managed Instances with different hardware generation on this region or many other regions in Azure. https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/high-availability-sla?view=azuresql-mi#zone-redundant-availability.\n\n * 400 AlterDbDeactivatedNotSupported - Database Operation failed for Server '{0}', Database '{1}' due to unexpected delay. Please try again.\n\n * 400 ManagedInstanceUpdateSloGeoPrimaryWithNewerVersionEditionThanSecondary - Database format change must be performed on the secondary instance of the failover group first. See https://go.microsoft.com/fwlink/?linkid=2251601 for more details.\n\n * 400 ManagedInstanceFreemiumInstanceAlreadyExists - Only one free SQL Managed Instance is allowed per subscription.\n\n * 400 ManagementServiceGeodrSecondaryDatabaseInCreation - The '{0}' operation cannot be completed as there exists a database in a process of creation through failover group deployment. Please wait for the failover group deployment to complete, or alternatively delete the failover group and retry the operation again.\n\n * 400 VnetAddressRangeError - Virtual network address range is invalid.\n\n * 400 RegionDoesNotSupportVersion - A user attempted to create a server of a specified version in a location where that server version isn't supported.\n\n * 400 ManagedInstanceConversionRegularToFreemiumNotAllowed - User tried converting a Regular SQL Managed Instance to Free SQL Managed Instance.\n\n * 400 ManagedInstanceConversionFreemiumToRegularAndUpdateSLOWhileStoppedNotAllowed - User tried converting a Free SQL Managed Instance to Regular SQL Managed Instance and Update SLO in same request, while Instance is stopped.\n\n * 400 ManagedInstanceMaintenanceWindowChangeNotAllowedWhenInInstancePool - Maintenance window is set at instance pool level and cannot be set individually per pooled instance.\n\n * 400 ManagedInstanceMoveToInstancePoolExceedsDbCountLimit - Cannot move the instance into the pool due to pool database count limit.\n\n * 400 ManagedInstancePoolZoneRedundancyNotSupported - Cannot move a zone-redundant instance into the pool as zone-redundancy is not supported in pools.\n\n * 400 VnetConfigIsNotAllowed - Virtual network configuration is not allowed.\n\n * 400 DeploymentIntoPrivateSubnetsNotAllowed - Deploying managed instances and instance pools into private subnets is not supported.\n\n * 400 ManagedInstanceDeprecatedMinimalTlsVersionLowerThan12DuringCreateUpdate - Operation '{0}' could not be completed because the minimum TLS version required is 1.2 or higher. Earlier versions of TLS are no longer supported as they are considered deprecated.\n\n * 400 InstanceFailoverGroupDoesNotExist - Failover group does not exist on a server.\n\n * 400 MaintenanceWindowMismatchBetweenInstanceAndInstancePool - Instance maintenance window must be set to match instance pool maintenance window.\n\n * 400 ManagedInstanceClassicVnetNotSupported - Managed Instance cannot be joined to a classic virtual network.\n\n * 400 ManagedInstanceMinTlsVersionGreaterThanMaxAllowedVersion - Operation '{0}' could not be completed because the minimum TLS version parameter is higher than max allowed.\n\n * 400 VnetConfigHasNsg - User tried to inject Managed Server subnet with Network Security Groups.\n\n * 400 VnetConfigHasNoUdr - User tried to inject Managed Server subnet without default User Defined Route Table.\n\n * 400 VnetConfigHasInvalidUdr - User tried to inject Managed Server subnet with invalid User Defined Route Table.\n\n * 400 VnetConfigHasInvalidDns - User tried to inject Managed Server subnet with invalid custom DNS.\n\n * 400 VnetConfigHasServiceEndpoints - User tried to inject Managed Server subnet with service endpoints.\n\n * 400 VnetSubnetIsInUse - User tried to inject Managed Server subnet that is not empty.\n\n * 400 ManagedInstanceSubnetNameIsReservedAndNotAllowed - Managed Instance can not be created with reserved subnet name. The following subnet names are reserved in Azure: AzureFirewallSubnet, AzureFirewallManagementSubnet, AzureBastionSubnet, and GatewaySubnet.\n\n * 400 VnetSubnetIsLocked - User tried to inject Managed Server subnet that is in locked scope.\n\n * 400 VnetSubnetIsGateway - User tried to inject Managed Server subnet that is Gateway subnet.\n\n * 400 VnetSubnetIsUnknown - User tried to inject Managed Server subnet that does not exist.\n\n * 400 VnetSubnetConflictWithIntendedPolicy - User tried to inject Managed Server subnet that has a conflict with IntendedPolicy.\n\n * 400 ManagedInstanceInvalidEditionForSku - The specified edition {0} is not consistent with the specified SKU {1}.\n\n * 400 ManagedInstanceInvalidLicenseType - The specified license type {0} is not valid.\n\n * 400 ManagedInstanceUpdateSloInProgress - \"The operation could not be completed because a service tier change is in progress for managed instance '{0}.' Please wait for the operation in progress to complete and try again.\"\n\n * 400 VnetResourceNotFound - Resource not found: '{0}'.\n\n * 400 InstanceCollationUpdateNotSupported - User cannot change instance collation on Managed Instance.\n\n * 400 CreateManagedInstanceWithNonDefaultCollationNotSupported - User can create a Managed Instance only with collation 'SQL_Latin1_General_CP1_CI_AS'.\n\n * 400 ManagedInstanceOperationInProgress - The operation could not be completed because {0} operation is in progress. Please wait for the operation in progress to complete and try again.\n\n * 400 ManagedInstanceExceedMaxAzureStorage - The operation could not be completed because total allocated storage size for General Purpose instance would exceed {0}. Please reduce the number of database files and retry operation.\n\n * 400 ManagedInstanceHasGeoReplica - The operation could not be completed because instance has configured geo replicated secondary instance.\n\n * 400 InvalidDnsZone - The operation has failed because you are attempting to deploy managed instance as a geo-replication secondary to the subnet {0} in which there already exists a managed instance. Deploying managed instance as a geo-replication secondary is supported only in cases when managed instance is the first instance deployed in a subnet. Consider deploying managed instance as a geo-replication secondary to a different subnet in which there are no existing managed instances, or if deploying to a subnet with existing managed instance disable the geo-replication option.\n\n * 400 ManagedInstanceInvalidStorageSizeLessThenCurrentSizeUsed - Invalid storage size: Storage size limit ({0} GB) is less that current storage used ({1} GB). Please specify higher storage size limit.\n\n * 400 InvalidTimezone - Invalid timezone.\n\n * 400 InstanceTimezoneUpdateNotSupported - Instance timezone update not supported.\n\n * 400 CreateManagedInstanceWithNonDefaultTimezoneNotSupported - Create Managed Instance with non-default timezone not supported.\n\n * 400 ManagedInstanceIpAddressRangeLimit - Cannot perform creation/scaling of the managed instance as there are not enough available IP addresses in the subnet for performing the operation.\n\n * 400 VnetDelegationNotAllowed - User tried to inject Managed Server to subnet which is delegated.\n\n * 400 SubnetHasResourcesOfDifferentType - User tried to create MI in subnet that has resources of different type.\n\n * 400 UpdateManagedServerWithMaintenanceWindowNotAllowed - Update of Managed Instance with maintenance window settings is not allowed.\n\n * 400 OperationNotAllowedInCurrentGeodrConfiguration - The operation is not allowed because the current geo-replication configuration does not allow this combination of {0}. Change the setting on the geo-replication partner before applying the change on this instance.\n\n * 400 VnetPrepareNIPFailed - User tried to prepare subnet that has a conflict with NetworkIntentPolicy.\n\n * 400 ManagedInstanceDeprecatedHardwareFamily - Changing the hardware generation to deprecated {0} generation is not possible.\n\n * 400 ManagedInstanceBackupStorageTypeNotSupported - Backup storage type parameter is not allowed in the instance update operation.\n\n * 400 EmptyPDCInvalidDnsZone - This managed instance cannot be deployed because its DNS-zone does not match the DNS-prefix of its intended virtual cluster for subnet {0}. Although this virtual cluster is empty, its DNS-prefix cannot be changed. Empty virtual clusters will be automatically removed after several hours. Consider waiting for this virtual cluster to expire or manually deleting this virtual cluster and then creating the managed instance.\n\n * 400 MissingIdentityId - No user assigned identity is provided when the identity type is set to UserAssigned\n\n * 400 InvalidPrimaryIdentityId - User provides a value for PrimaryUserIdentityId but the same is not listed in the IdentityId parameter\n\n * 400 ManagedInstanceZoneRedudantFeatureNotSupported - ZoneRedundant feature is not supported for the selected service tier. For more details visit aka.ms/sqlmi-service-tier-characteristics.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeEnabled - Enabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 ManagedInstanceZoneRedudantFeatureCantBeDisabled - Disabling zoneRedundant feature is not possible once managed instance is created. For more details visit aka.ms/sqlmi-high-availability.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 MissingPrimaryIdentity - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SubnetIdCantBeUpdated - Changing managed instance subnet is not supported operation. Please remove this parameter from the request.\n\n * 400 MigrationToAnotherVNetNotSupported - Selected subnet is in another Virtual Network. Moving managed instance to another Virtual Network is not possible. Please provide subnet from Virtual Network {0}.\n\n * 400 MigrationToSubnetWithDifferentDnsZoneNotSupported - Provided subnet is having different DNS zone from the current. Changing instance DNS zone is not supported. Please provide subnet with same DNS zone, create a new subnet or provide empty one.\n\n * 400 MigrationToGen4SubnetNotSupported - It is not possible to update subnet while running on Gen4 hardware as it is being deprecated. Please upgrade your hardware from Gen4 to Gen5 as part of the changing managed instance subnet operation by specifying both parameters at the same time: destination subnet and hardware generation.\n\n * 400 PrimaryIdentityMissingPermissionForKeyId - KeyId is provided by user during create but PrimaryUserAssignedIdentityId is not provided in the API call\n\n * 400 InvalidIdentityTypeForKeyId - KeyId is provided by user during create but identity type is not set to 'UserAssigned'\n\n * 400 ServerNotFound - The requested server was not found.\n\n * 400 ManagedInstanceFileExceededMaxAzureStorageFileSizeLimit - The operation could not be completed because some of the database files are exceeding maximum General Purpose file size limit of {0} GB.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InstancePoolNotEnoughCapacity - An instance pool does not have enough capacity\n\n * 400 SourceAndTargetSubnetsMustBeVnetPeered - Subnet currently used by managed instance and provided destination subnet are part of the virtual networks that are not connected with virtual network peering, or have peering established but don't have allowed traffic. In order to move managed instance from one subnet to another, virtual network peering needs to be established from both source and target virtual network. Please configure virtual network requirements and then try the operation again. Learn more https://docs.microsoft.com/en-us/azure/virtual-network/tutorial-connect-virtual-networks-portal#peer-virtual-networks. \n\n * 400 ManagedInstanceAndSubnetAreNotOnTheSameSubscription - Subnet provided for managed instance deployment is located on subscription different than the one submitted for managed instance. Managed instance and subnet used for deploying the instance must be on the same subscription. Please provide another subnet or switch to the subnet subscription and then try the operation again.\n\n * 400 CreateManagedInstanceInvalidSubnetSize - User attempted to create managed instance in a subnet that is smaller than the allowed minimal subnet size.\n\n * 400 AddressRangeOfTargetSubnetAndSubnetOfGeoDRReplicaCantOverlap - Subnet selected for managed instance migration has address range that overlaps with address range of subnet that holds geo replicated secondary instance. Please verify that your subnet is configured according to guidelines in https://aka.ms/move-managed-instance. \n\n * 400 TargetSubnetMustBeConfiguredToAllowGeoDRReplication - Subnet selected for managed instance migration is not configured to enable communication with a geo replicated secondary instance. Please check if all of the required ports are open. To properly configure your subnet read the guidelines in https://aka.ms/move-managed-instance. \n\n * 400 InvalidIdentifier - The identifier contains NULL or an invalid unicode character.\n\n * 400 InvalidLoginName - The provided login name is invalid.\n\n * 400 InvalidUsername - Supplied user name contains invalid characters.\n\n * 400 PasswordTooShort - The provided password is too short\n\n * 400 PasswordTooLong - The provided password is too long.\n\n * 400 PasswordNotComplex - The provided password is not complex enough.\n\n * 400 GatewayInvalidEdition - '{0}' is not a valid database edition in this version of SQL Server.\n\n * 400 StorageIOpsNotSupported - Storage IOps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageThroughputMBpsNotSupported - Storage throughput MBps parameter is not allowed in the instance create/update operation.\n\n * 400 StorageIOpsNotSupportedForSpecifiedEdition - Storage IOps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 StorageThroughputMBpsNotSupportedForSpecifiedEdition - Storage throughput MBps parameter is not allowed in the instance create/update operation for the specified edition.\n\n * 400 InvalidLocation - An invalid location was specified.\n\n * 400 InvalidParameterValue - An invalid value was given to a parameter.\n\n * 400 InvalidServerName - Invalid server name specified.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 404 ResourceDoesNotExist - Resource with the name '{0}' does not exist. To continue, specify a valid resource name.\n\n * 404 InstancePoolNotFound - An instance pool cannot be found\n\n * 404 SubscriptionNotFound - The requested subscription was not found.\n\n * 405 InvalidVcoreValue - vCore value {0} is not valid. Please specify a valid vCore value.\n\n * 405 InvalidHardwareGenerationValue - HardwareGeneration {0} is not valid. Please specify a valid HardwareGeneration value.\n\n * 405 InvalidStorageSizeValue - \"Invalid storage size: {0} GB. Storage size must be specified between {1} and {2} gigabytes, in increments of {3} GB.\n\n * 405 InvalidStorageIOpsLimitValue - Invalid storage IOps limit: {0} IOps. Storage IOps limit must be specified between {1} IOps and {2} IOps, in increments of {3} IOps.\n\n * 405 InvalidStorageThroughputMBpsLimitValue - Invalid storage throughput limit: {0} MBps. Storage throughput limit must be specified between {1} MBps and {2} MBps, in increments of {3} MBps.\n\n * 409 ConflictingServerOperation - An operation is currently in progress for the server.\n\n * 409 SubscriptionDisabled - Subscription is disabled.\n\n * 409 ServerOverridePreconditionFailed - Failed to apply server override on category '{0}', because physical db or instance '{1}' in server '{2}' is currently not in 'Ready' or 'Deactivated' state.\n\n * 409 ManagedInstanceIsBusy - The server '{0}' is currently busy. Please wait a few minutes before trying again.\n\n * 409 ServerAlreadyExists - Duplicate server name.\n\n * 409 ServerDisabled - Server is disabled.\n\n * 409 ServerQuotaExceeded - Server cannot be added to a subscription because it will exceed quota.\n\n * 429 ConflictingSubscriptionOperation - An operation is currently in progress for the subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 GatewayInternalServerError - The server encountered an unexpected exception.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 504 RequestTimeout - Service request exceeded the allowed timeout.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/TransparentDataEncryptions.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/TransparentDataEncryptions.json index 996a17599367..103b000a5ae0 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/TransparentDataEncryptions.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/TransparentDataEncryptions.json @@ -56,7 +56,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 TransparentDataEncryptionSuspendResumeNotSupportedForDW - Encryption scan suspend and resume is not supported on DW.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 TransparentDataEncryptionScanCannotBeSuspendedAgain - Encryption scan cannot be suspended because it is already in suspended state.\n\n * 400 TransparentDataEncryptionCannotAlterDatabaseEncryptionKey - Database encryption key cannot be altered because the database is not encrypted.\n\n * 400 TransparentDataEncryptionScanCannotBeStarted - When key change is in progress, only suspend and resume operations are allowed.\n\n * 400 TransparentDataEncryptionCannotResume - Encryption scan can not be resumed because no encryption scan is in progress.\n\n * 400 TransparentDataEncryptionCannotSuspend - Encryption scan can not be suspended because no encryption scan is in progress.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.", + "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 TransparentDataEncryptionSuspendResumeNotSupportedForDW - Encryption scan suspend and resume is not supported on DW.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 TransparentDataEncryptionScanCannotBeSuspendedAgain - Encryption scan cannot be suspended because it is already in suspended state.\n\n * 400 TransparentDataEncryptionCannotAlterDatabaseEncryptionKey - Database encryption key cannot be altered because the database is not encrypted.\n\n * 400 TransparentDataEncryptionScanCannotBeStarted - When key change is in progress, only suspend and resume operations are allowed.\n\n * 400 TransparentDataEncryptionCannotResume - Encryption scan can not be resumed because no encryption scan is in progress.\n\n * 400 TransparentDataEncryptionCannotSuspend - Encryption scan can not be suspended because no encryption scan is in progress.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -126,7 +126,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 TransparentDataEncryptionSuspendResumeNotSupportedForDW - Encryption scan suspend and resume is not supported on DW.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 TransparentDataEncryptionScanCannotBeSuspendedAgain - Encryption scan cannot be suspended because it is already in suspended state.\n\n * 400 TransparentDataEncryptionCannotAlterDatabaseEncryptionKey - Database encryption key cannot be altered because the database is not encrypted.\n\n * 400 TransparentDataEncryptionScanCannotBeStarted - When key change is in progress, only suspend and resume operations are allowed.\n\n * 400 TransparentDataEncryptionCannotResume - Encryption scan can not be resumed because no encryption scan is in progress.\n\n * 400 TransparentDataEncryptionCannotSuspend - Encryption scan can not be suspended because no encryption scan is in progress.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.", + "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 TransparentDataEncryptionSuspendResumeNotSupportedForDW - Encryption scan suspend and resume is not supported on DW.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 TransparentDataEncryptionScanCannotBeSuspendedAgain - Encryption scan cannot be suspended because it is already in suspended state.\n\n * 400 TransparentDataEncryptionCannotAlterDatabaseEncryptionKey - Database encryption key cannot be altered because the database is not encrypted.\n\n * 400 TransparentDataEncryptionScanCannotBeStarted - When key change is in progress, only suspend and resume operations are allowed.\n\n * 400 TransparentDataEncryptionCannotResume - Encryption scan can not be resumed because no encryption scan is in progress.\n\n * 400 TransparentDataEncryptionCannotSuspend - Encryption scan can not be suspended because no encryption scan is in progress.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -200,7 +200,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 TransparentDataEncryptionSuspendResumeNotSupportedForDW - Encryption scan suspend and resume is not supported on DW.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 TransparentDataEncryptionScanCannotBeSuspendedAgain - Encryption scan cannot be suspended because it is already in suspended state.\n\n * 400 TransparentDataEncryptionCannotAlterDatabaseEncryptionKey - Database encryption key cannot be altered because the database is not encrypted.\n\n * 400 TransparentDataEncryptionScanCannotBeStarted - When key change is in progress, only suspend and resume operations are allowed.\n\n * 400 TransparentDataEncryptionCannotResume - Encryption scan can not be resumed because no encryption scan is in progress.\n\n * 400 TransparentDataEncryptionCannotSuspend - Encryption scan can not be suspended because no encryption scan is in progress.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidTransparentDataEncryptionUpdateRequest - Please enter a valid state. Please use \"Enabled\" or \"Disabled\".\n\n * 400 InvalidTransparentDataEncryptionName - The transparent data encryption key name is not supported.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 TransparentDataEncryptionSuspendResumeNotSupportedForDW - Encryption scan suspend and resume is not supported on DW.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 TransparentDataEncryptionScanCannotBeSuspendedAgain - Encryption scan cannot be suspended because it is already in suspended state.\n\n * 400 TransparentDataEncryptionCannotAlterDatabaseEncryptionKey - Database encryption key cannot be altered because the database is not encrypted.\n\n * 400 TransparentDataEncryptionScanCannotBeStarted - When key change is in progress, only suspend and resume operations are allowed.\n\n * 400 TransparentDataEncryptionCannotResume - Encryption scan can not be resumed because no encryption scan is in progress.\n\n * 400 TransparentDataEncryptionCannotSuspend - Encryption scan can not be suspended because no encryption scan is in progress.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidTransparentDataEncryptionUpdateRequest - Please enter a valid state. Please use \"Enabled\" or \"Disabled\".\n\n * 400 InvalidTransparentDataEncryptionName - The transparent data encryption key name is not supported.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -285,7 +285,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 TransparentDataEncryptionSuspendResumeNotSupportedForDW - Encryption scan suspend and resume is not supported on DW.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 TransparentDataEncryptionScanCannotBeSuspendedAgain - Encryption scan cannot be suspended because it is already in suspended state.\n\n * 400 TransparentDataEncryptionCannotAlterDatabaseEncryptionKey - Database encryption key cannot be altered because the database is not encrypted.\n\n * 400 TransparentDataEncryptionScanCannotBeStarted - When key change is in progress, only suspend and resume operations are allowed.\n\n * 400 TransparentDataEncryptionCannotResume - Encryption scan can not be resumed because no encryption scan is in progress.\n\n * 400 TransparentDataEncryptionCannotSuspend - Encryption scan can not be suspended because no encryption scan is in progress.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 TransparentDataEncryptionSuspendResumeNotSupportedForDW - Encryption scan suspend and resume is not supported on DW.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 TransparentDataEncryptionScanCannotBeSuspendedAgain - Encryption scan cannot be suspended because it is already in suspended state.\n\n * 400 TransparentDataEncryptionCannotAlterDatabaseEncryptionKey - Database encryption key cannot be altered because the database is not encrypted.\n\n * 400 TransparentDataEncryptionScanCannotBeStarted - When key change is in progress, only suspend and resume operations are allowed.\n\n * 400 TransparentDataEncryptionCannotResume - Encryption scan can not be resumed because no encryption scan is in progress.\n\n * 400 TransparentDataEncryptionCannotSuspend - Encryption scan can not be suspended because no encryption scan is in progress.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } @@ -361,7 +361,7 @@ } }, "default": { - "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 TransparentDataEncryptionSuspendResumeNotSupportedForDW - Encryption scan suspend and resume is not supported on DW.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 TransparentDataEncryptionScanCannotBeSuspendedAgain - Encryption scan cannot be suspended because it is already in suspended state.\n\n * 400 TransparentDataEncryptionCannotAlterDatabaseEncryptionKey - Database encryption key cannot be altered because the database is not encrypted.\n\n * 400 TransparentDataEncryptionScanCannotBeStarted - When key change is in progress, only suspend and resume operations are allowed.\n\n * 400 TransparentDataEncryptionCannotResume - Encryption scan can not be resumed because no encryption scan is in progress.\n\n * 400 TransparentDataEncryptionCannotSuspend - Encryption scan can not be suspended because no encryption scan is in progress.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", + "description": "*** Error Responses: ***\n\n * 400 SecurityAdalPrincipalCertExpiredError - The operation could not be completed because the Azure Key Vault principal certificate has expired.\n\n * 400 AkvHostNotResolvingFromNode - AKV host '{0}' is not resolvable from SQL, on server '{1}'.\n\n * 400 AkvKeyDisabled - Operations on customer managed key are not allowed in Azure Key Vault . Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowed - Operations on customer managed key are not allowed in Azure Key Vault. Please allow the following operations on the key: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyOperationNotAllowedByRBAC - One of required operations on customer managed key is not allowed for currently chosen RBAC role of the managed instance identity on Azure Key Vault . Please change to a RBAC role permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting\n\n * 400 SecurityInvalidAzureKeyVaultRecoveryLevel - The provided Key Vault uri is not valid.\n\n * 400 AkvKeyOperationNotAllowedByFirewall - Connection to Azure Key Vault was forbidden by Azure Key Vault firewall policy. Please review the Azure Key Vault firewall policy to enable connections from Managed Instance . For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessDenied - One of required operations on customer managed key on Azure Key Vault is not allowed for currently set key vault policy used by managed instance identity. Please use a policy permitting the following permissions on the key vault: \"get\", \"wrapKey\", \"unwrapKey\". For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyAccessGeneral403 - Azure Key Vault operation requested by Managed Instance failed due to insufficient permissions. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 MissingKeyVaultUriForRestore - Azure Key Vault key URI '{0}' is required to successfully restore the database '{1}' under server '{2}'.\n\n * 400 AkvKeyDeleted - Customer managed key was not found in Azure Key Vault If it was recently deleted, recovery could be possible if 'soft-delete' protection is enabled on the key vault. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AkvKeyTimeout - Connection to Azure Key Vault could not be established. Please review network settings for Managed Instance '%s'. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 AzureKeyVaultKeyUsedOnGeoPrimary - The operation could not be completed because the Azure Key Vault Key name {0} is currently set as encryption protector on geo-primary.\n\n * 400 AkvKeyDNS - Azure Key Vault URI could not be resolved. Please ensure the key vault URI is valid and that your network settings for Managed Instance are not blocking access to Azure Public DNS. For help resolving this issue, please see https://aka.ms/sqlmi-tde-troubleshooting.\n\n * 400 KeyMaterialNotFoundOnRemoteServer - Remote server does not have access to key material used as a TDE protector.\n\n * 400 PerDatabaseCMKAKVKeyMaterialMissingOnGeoSecondary - All databases in geo replication must contain the same key material as the encryption protector of the source database. Please add the key '{0}' with the same key material to the target database '{1}'.\n\n * 400 AzureKeyVaultRsaKeyNotSupported - The provided key vault uses unsupported RSA Key Size or Key Type. The supported RSA key size is 2048 or 3072 and Key Type is RSA or RSA-HSM.\n\n * 400 PerDatabaseCMKAKVKeyUriMissingOnGeoSecondary - When the automatic rotation of database level TDE Protector is enabled, both source and target databases must be connected to the same key vault. Please add key '{0}' (from the same key vault that is connected to source database) to the target database '{1}'.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeysWithDatabaseName - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary database must be passed to the secondary database '{0}'\n\n * 400 ManagedInstanceNoConditionToMakeDatabaseAccessible - One or more databases on SQL Managed Instance cannot be made accessible because the corresponding inaccessibility root causes have not been mitigated. Please mitigate the inaccessibility root causes for all currently inaccessible databases and retry the operation.\n\n * 400 UmiMissingAkvPermissions - PrimaryUserAssignedIdentityId provided by user does not have access to KeyId provided\n\n * 400 AzureKeyVaultTenantValidationForFabricFailed - Fabric trident server and customer managed keys doesn't belong to same tenant. Tenant Id information present for trident server is '{0}' where as KV challenge returns tenant id as '{1}'.\n\n * 400 SameKeyUriNotFoundOnRemoteServer - Secondary server does not have the key material from the same key vault as the primary server's encryption protector with key auto-rotation enabled.\n\n * 400 SameKeyMaterialNotFoundOnRemoteServer - Secondary server does not have the key material of the primary server's encryption protector.\n\n * 400 SecurityAzureKeyVaultGeoChainError - Creating secondary of secondary (a process known as chaining) is not supported when enabling Transparent Data Encryption using Azure Key Vault (BYOK).\n\n * 400 PerDatabaseCMKDWNotSupported - Database-level CMK in preview is not supported for Datawarehouse edition.\n\n * 400 BlockSystemAssignedIdentityForCrossTenantCMK - Cross tenant CMK can only be configured when the server is configured with a User Assigned Managed Identity. Refer to https://aka.ms/sqltdebyokumi to configure User Assigned Managed Identity.\n\n * 400 PerDatabaseCMKCopyOrReplicationAttemptedWithoutCurrentKeys - While attempting to replicate a database configured with database level encryption protector, the current keys being used by the primary must be passed to the secondary database.\n\n * 400 CannotDropDatabaseAKVError - The database {0} on server {1} cannot be safely dropped because it is encrypted with a customer managed key that is no longer accessible to take the last backup before drop. Please restore Azure Key Vault Access on the server and revalidate the keys to make this database accessible and then proceed with the drop. For details see https://aka.ms/tdecmkrestorability\n\n * 400 CreateDatabaseAttemptedWithRotationInProgress - The create database operation can not be performed at this time due to ongoing Transparent Data Encryption (TDE) key rotation on the server. Please try the operation again later.\n\n * 400 AzureKeyVaultKeyDisabled - The operation could not be completed on the server because the Azure Key Vault key is disabled.\n\n * 400 PerDatabaseCMKRestoreNotSupported - Database restore is not supported when Database-level CMK is configured in preview.\n\n * 400 AzureKeyVaultInvalidExpirationDate - The operation could not be completed because the Azure Key Vault key expiration date is invalid.\n\n * 400 PerDatabaseCMKHSNotSupported - Database-level CMK in preview is not supported for Hyperscale edition.\n\n * 400 SecurityAzureKeyVaultUrlNullOrEmpty - The operation could not be completed because the Azure Key Vault Uri is null or empty.\n\n * 400 CMKOperationNotAllowed - User tried to perform an operation on the server when the server did not have Azure Key Vault Access.\n\n * 400 AkvEndpointNotReachableFromNode - AKV endpoint '{0}' is not reachable from SQL, on server '{1}'.\n\n * 400 AzureKeyVaultNoServerIdentity - The server identity is not correctly configured.\n\n * 400 AzureKeyVaultInvalidUri - An invalid response from Azure Key Vault. Please use a valid Azure Key Vault URI.\n\n * 400 AzureKeyVaultMissingPermissions - The server is missing required permissions on the Azure Key Vault. \n\n * 400 AzureKeyVaultKeyNameCurrentlyInUse - The operation could not be completed because the Azure Key Vault Key name {0} is currently in use.\n\n * 400 AzureKeyVaultKeyThumbprintIsDifferent - The operation could not be completed because the Azure Key Vault Key material is different than the current encryption protector key.\n\n * 400 SecurityAzureKeyVaultInvalidKeyName - The operation could not be completed because of an invalid Server Key name.\n\n * 400 OldGenerationOfAKVKeyBeingUsedError - Using an old version of AKV key as TDE protector is not allowed. Please use the latest version of the AKV key as the encryption protector\n\n * 400 PerDatabaseCMKMissingIdentityOnGeoSecondaryDatabase - Per Database CMK identity not setup on the target database.\n\n * 400 AdalGenericError - The operation could not be completed because an Azure Active Directory error was encountered.\n\n * 400 AdalServicePrincipalNotFound - The operation could not be completed because an Azure Active Directory library Service Principal not found error was encountered.\n\n * 400 AzureKeyVaultMalformedVaultUri - The provided Key Vault uri is not valid.\n\n * 400 AttemptedEncryptionOnSystemDatabase - Cannot encrypt a system database. Database encryption operations cannot be performed for 'master', 'model', 'tempdb', 'msdb', or 'resource' databases.\n\n * 400 TransparentDataEncryptionSuspendResumeNotSupportedForDW - Encryption scan suspend and resume is not supported on DW.\n\n * 400 ReadOnly - Cannot enable or modify database encryption on a database that is read-only, has read-only files or is not recovered.\n\n * 400 CanNotChangeReadOnlyDuringTdeScan - Cannot modify filegroup read-only/read-write state while an encryption transition is in progress.\n\n * 400 CanNotDropAlterOnMirror - Please modify Transparent Data Encryption on the primary databases.\n\n * 400 TransparentDataEncryptionScanCannotBeSuspendedAgain - Encryption scan cannot be suspended because it is already in suspended state.\n\n * 400 TransparentDataEncryptionCannotAlterDatabaseEncryptionKey - Database encryption key cannot be altered because the database is not encrypted.\n\n * 400 TransparentDataEncryptionScanCannotBeStarted - When key change is in progress, only suspend and resume operations are allowed.\n\n * 400 TransparentDataEncryptionCannotResume - Encryption scan can not be resumed because no encryption scan is in progress.\n\n * 400 TransparentDataEncryptionCannotSuspend - Encryption scan can not be suspended because no encryption scan is in progress.\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 ServerKeyNameAlreadyExists - The server key already exists on the server.\n\n * 409 ServerKeyUriAlreadyExists - The server key URI already exists on the server.\n\n * 409 ServerKeyDoesNotExists - The server key does not exist.\n\n * 409 AzureKeyVaultKeyNameNotFound - The operation could not be completed because the Azure Key Vault Key name does not exist.\n\n * 409 AzureKeyVaultKeyInUse - The key is currently being used by the server.\n\n * 409 EncryptionInProgress - Cannot modify encryption while an encryption scan in progress.\n\n * 409 KeyChangeInProgress - Cannot change database encryption key while an encryption, decryption, or key change scan is in progress.\n\n * 409 NoBulkOperationLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on database. Try again later.\n\n * 409 NeedsLogBackup - Please wait several minutes for a log backup to occur. \n\n * 409 AltStateConflict - The operation cannot be performed on database because it is involved in a database mirroring session or an availability group. Some operations are not allowed on a database that is participating in a database mirroring session or in an availability group.\n\n * 409 CannotCancelOperation - The management operation is in a state that cannot be cancelled.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 AzureKeyVaultConnectionFailed - The operation could not be completed on the server because attempts to connect to Azure Key Vault have failed\n\n * 503 AzureKeyVaultGenericConnectionError - The operation could not be completed because an error was encountered when attempting to retrieve Key Vault information .\n\n * 503 NoDekLock - CREATE/ALTER/DROP DATABASE ENCRYPTION KEY failed because a lock could not be placed on the database. Try again later.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.", "schema": { "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ChangeLongTermRetentionBackupAccessTier.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ChangeLongTermRetentionBackupAccessTier.json index 364517fa3af0..56311d4407d6 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ChangeLongTermRetentionBackupAccessTier.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ChangeLongTermRetentionBackupAccessTier.json @@ -30,7 +30,7 @@ }, "202": { "headers": { - "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Sql/locations/japaneast/longTermRetentionServers/serverName/longTermRetentionDatabases/databaseName/longTermRetentionBackups/55555555-6666-7777-8888-999999999999;131637960820000000;Archive/operations/55555555-6666-7777-8888-999999999999?api-version=2025-02-01-preview" + "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Sql/locations/japaneast/longTermRetentionServers/serverName/longTermRetentionDatabases/databaseName/longTermRetentionBackups/55555555-6666-7777-8888-999999999999;131637960820000000;Archive/operations/55555555-6666-7777-8888-999999999999?api-version=2024-11-01-preview" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/CreateElasticPoolWithAvailabilityZone.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/CreateElasticPoolWithAvailabilityZone.json index 1bce93dc33c0..777483ae2ac8 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/CreateElasticPoolWithAvailabilityZone.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/CreateElasticPoolWithAvailabilityZone.json @@ -7,9 +7,6 @@ "api-version": "2025-02-01-preview", "parameters": { "location": "Japan East", - "sku": { - "name": "HS_Gen5_4" - }, "properties": { "perDatabaseSettings": { "minCapacity": 0.25, @@ -41,6 +38,11 @@ "minCapacity": 0.25, "maxCapacity": 2 }, + "currentSku": { + "name": "StandardPool", + "tier": "Standard", + "capacity": 100 + }, "zoneRedundant": true, "availabilityZone": "1" } @@ -69,6 +71,11 @@ "minCapacity": 0.25, "maxCapacity": 2 }, + "currentSku": { + "name": "StandardPool", + "tier": "Standard", + "capacity": 100 + }, "availabilityZone": "1" } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/DatabaseRecommendedActionListExpand.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/DatabaseRecommendedActionListExpand.json index 9c1de93e5cc7..4269014ff6ba 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/DatabaseRecommendedActionListExpand.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/DatabaseRecommendedActionListExpand.json @@ -597,9 +597,9 @@ "observedImpact": [], "timeSeries": [], "details": { - "sqlErrorNumber": "208", + "sqlErrorNumber": 208, "sqlErrorMessage": "Invalid object name 'dbo.Companies'.", - "sqlErrorCount": "342482" + "sqlErrorCount": 342482 } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/DatabaseSqlVulnerabilityAssessmentScan.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/DatabaseSqlVulnerabilityAssessmentScan.json index 9b81bc77b415..758cde2840e6 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/DatabaseSqlVulnerabilityAssessmentScan.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/DatabaseSqlVulnerabilityAssessmentScan.json @@ -21,7 +21,7 @@ "server": "vulnerabilityassessmenttest-6411", "database": "testdb", "sqlVersion": "15.0.2000", - "startTime": "2020-06-22T23:49:00.6455136-07:00", + "startTime": "2020-06-23T12:19:00.6455136+05:30", "endTime": "2020-06-23T06:49:00.7236217Z", "highSeverityFailedRulesCount": 3, "mediumSeverityFailedRulesCount": 2, @@ -30,7 +30,7 @@ "totalFailedRulesCount": 6, "totalRulesCount": 26, "isBaselineApplied": false, - "lastScanTime": "2020-06-22T23:49:00.6455136-07:00" + "lastScanTime": "2020-06-23T12:19:00.6455136+05:30" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/DatabaseSqlVulnerabilityAssessmentScanRecordsListByDatabase.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/DatabaseSqlVulnerabilityAssessmentScanRecordsListByDatabase.json index 6348ab1efec9..e069b8002ce7 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/DatabaseSqlVulnerabilityAssessmentScanRecordsListByDatabase.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/DatabaseSqlVulnerabilityAssessmentScanRecordsListByDatabase.json @@ -22,7 +22,7 @@ "server": "vulnerabilityassessmenttest-6411", "database": "testdb", "sqlVersion": "15.0.2000", - "startTime": "2020-06-22T23:49:00.6455136-07:00", + "startTime": "2020-06-23T12:19:00.6455136+05:30", "endTime": "2020-06-23T06:49:00.7236217Z", "highSeverityFailedRulesCount": 3, "mediumSeverityFailedRulesCount": 2, @@ -31,7 +31,7 @@ "totalFailedRulesCount": 6, "totalRulesCount": 26, "isBaselineApplied": false, - "lastScanTime": "2020-06-22T23:49:00.6455136-07:00" + "lastScanTime": "2020-06-23T12:19:00.6455136+05:30" } }, { @@ -45,7 +45,7 @@ "server": "vulnerabilityassessmenttest-6411", "database": "testdb", "sqlVersion": "15.0.2000", - "startTime": "2020-06-22T23:49:00.6455136-07:00", + "startTime": "2020-06-23T12:19:00.6455136+05:30", "endTime": "2020-06-23T06:49:00.7236217Z", "highSeverityFailedRulesCount": 3, "mediumSeverityFailedRulesCount": 2, @@ -54,7 +54,7 @@ "totalFailedRulesCount": 6, "totalRulesCount": 26, "isBaselineApplied": false, - "lastScanTime": "2020-06-22T23:49:00.6455136-07:00" + "lastScanTime": "2020-06-23T12:19:00.6455136+05:30" } }, { @@ -68,7 +68,7 @@ "server": "vulnerabilityassessmenttest-6411", "database": "testdb", "sqlVersion": "15.0.2000", - "startTime": "2020-06-22T23:49:00.6455136-07:00", + "startTime": "2020-06-23T12:19:00.6455136+05:30", "endTime": "2020-06-23T06:49:00.7236217Z", "highSeverityFailedRulesCount": 3, "mediumSeverityFailedRulesCount": 2, @@ -77,7 +77,7 @@ "totalFailedRulesCount": 6, "totalRulesCount": 26, "isBaselineApplied": false, - "lastScanTime": "2020-06-22T23:49:00.6455136-07:00" + "lastScanTime": "2020-06-23T12:19:00.6455136+05:30" } } ] diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateMax.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateMax.json index 265ea39dff50..216d6149c169 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateMax.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateMax.json @@ -40,6 +40,11 @@ "perDatabaseSettings": { "minCapacity": 0.25, "maxCapacity": 2.0 + }, + "currentSku": { + "name": "GP_Gen4_2", + "tier": "GeneralPurpose", + "capacity": 2 } } } @@ -66,6 +71,11 @@ "perDatabaseSettings": { "minCapacity": 0.25, "maxCapacity": 2.0 + }, + "currentSku": { + "name": "GP_Gen4_2", + "tier": "GeneralPurpose", + "capacity": 2 } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateMin.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateMin.json index 95d949ec0350..7458c5675daa 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateMin.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateMin.json @@ -29,6 +29,11 @@ "perDatabaseSettings": { "minCapacity": 0, "maxCapacity": 100 + }, + "currentSku": { + "name": "StandardPool", + "tier": "Standard", + "capacity": 100 } } } @@ -55,6 +60,11 @@ "perDatabaseSettings": { "minCapacity": 0, "maxCapacity": 100 + }, + "currentSku": { + "name": "StandardPool", + "tier": "Standard", + "capacity": 100 } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateServerlessProperties.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateServerlessProperties.json index 59755d052c7d..be000359e53a 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateServerlessProperties.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateServerlessProperties.json @@ -46,13 +46,18 @@ "minCapacity": 0, "maxCapacity": 2.0, "autoPauseDelay": 80 + }, + "currentSku": { + "name": "GP_S_Gen5_2", + "tier": "GeneralPurpose", + "capacity": 2 } } } }, "201": { "headers": { - "Location": "https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlcrudtest-2369/providers/Microsoft.Sql/locations/japaneast1/operationStatus/default/operationId/00000000-0000-0000-0000-000000000000?api-version=2023-05-01" + "Location": "https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlcrudtest-2369/providers/Microsoft.Sql/locations/japaneast1/operationStatus/default/operationId/00000000-0000-0000-0000-000000000000?api-version=2025-02-01" }, "body": { "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-2369/providers/Microsoft.Sql/servers/sqlcrudtest-8069/elasticPools/sqlcrudtest-8102", @@ -75,13 +80,18 @@ "minCapacity": 0, "maxCapacity": 2.0, "autoPauseDelay": 80 + }, + "currentSku": { + "name": "GP_S_Gen5_2", + "tier": "GeneralPurpose", + "capacity": 2 } } } }, "202": { "headers": { - "Location": "https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlcrudtest-2369/providers/Microsoft.Sql/locations/japaneast1/operationStatus/default/operationId/00000000-0000-0000-0000-000000000000?api-version=2023-05-01" + "Location": "https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlcrudtest-2369/providers/Microsoft.Sql/locations/japaneast1/operationStatus/default/operationId/00000000-0000-0000-0000-000000000000?api-version=2025-02-01" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateSetMaintenanceConfiguration.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateSetMaintenanceConfiguration.json index 26d20e916b8f..5247c2bef1f5 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateSetMaintenanceConfiguration.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateOrUpdateSetMaintenanceConfiguration.json @@ -33,6 +33,11 @@ "minCapacity": 0, "maxCapacity": 100 }, + "currentSku": { + "name": "StandardPool", + "tier": "Standard", + "capacity": 100 + }, "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_JapanEast_1" } } @@ -60,6 +65,11 @@ "minCapacity": 0, "maxCapacity": 100 }, + "currentSku": { + "name": "StandardPool", + "tier": "Standard", + "capacity": 100 + }, "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_JapanEast_1" } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateWithDefaultPreferredEnclaveType.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateWithDefaultPreferredEnclaveType.json index 83e6423e2090..405f8d42390b 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateWithDefaultPreferredEnclaveType.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateWithDefaultPreferredEnclaveType.json @@ -37,6 +37,12 @@ "minCapacity": 0.0, "maxCapacity": 4.0 }, + "currentSku": { + "name": "GP_Gen5", + "tier": "GeneralPurpose", + "family": "Gen5", + "capacity": 4 + }, "zoneRedundant": false, "licenseType": "LicenseIncluded", "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default", @@ -68,6 +74,12 @@ "minCapacity": 0.0, "maxCapacity": 4.0 }, + "currentSku": { + "name": "GP_Gen5", + "tier": "GeneralPurpose", + "family": "Gen5", + "capacity": 4 + }, "zoneRedundant": false, "licenseType": "LicenseIncluded", "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateWithVBSPreferredEnclaveType.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateWithVBSPreferredEnclaveType.json index 69a7b6fe0d45..a383c2791651 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateWithVBSPreferredEnclaveType.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolCreateWithVBSPreferredEnclaveType.json @@ -37,6 +37,12 @@ "minCapacity": 0.0, "maxCapacity": 4.0 }, + "currentSku": { + "name": "GP_Gen5", + "tier": "GeneralPurpose", + "family": "Gen5", + "capacity": 4 + }, "zoneRedundant": false, "licenseType": "LicenseIncluded", "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default", @@ -68,6 +74,12 @@ "minCapacity": 0.0, "maxCapacity": 4.0 }, + "currentSku": { + "name": "GP_Gen5", + "tier": "GeneralPurpose", + "family": "Gen5", + "capacity": 4 + }, "zoneRedundant": false, "licenseType": "LicenseIncluded", "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolGet.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolGet.json index 7f2b4f2b882c..e61eefdd148b 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolGet.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolGet.json @@ -27,6 +27,11 @@ "minCapacity": 0.25, "maxCapacity": 1.0 }, + "currentSku": { + "name": "GP_Gen5_2", + "tier": "GeneralPurpose", + "capacity": 2 + }, "zoneRedundant": true, "licenseType": "LicenseIncluded", "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_JapanEast_1" diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolGetWithPreferredEnclaveType.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolGetWithPreferredEnclaveType.json index c2540a985bbe..80078f405fa2 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolGetWithPreferredEnclaveType.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolGetWithPreferredEnclaveType.json @@ -28,6 +28,11 @@ "minCapacity": 0.0, "maxCapacity": 4.0 }, + "currentSku": { + "name": "GP_Gen5", + "tier": "GeneralPurpose", + "capacity": 2 + }, "zoneRedundant": false, "licenseType": "LicenseIncluded", "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolListByServer.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolListByServer.json index 1d848a425072..ca8d03fbdaad 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolListByServer.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolListByServer.json @@ -28,6 +28,11 @@ "minCapacity": 0.25, "maxCapacity": 1.0 }, + "currentSku": { + "name": "GP_Gen4_2", + "tier": "GeneralPurpose", + "capacity": 2 + }, "zoneRedundant": true, "licenseType": "LicenseIncluded" } @@ -50,6 +55,11 @@ "perDatabaseSettings": { "minCapacity": 0, "maxCapacity": 5 + }, + "currentSku": { + "name": "BasicPool", + "tier": "Basic", + "capacity": 50 } } }, @@ -71,6 +81,11 @@ "perDatabaseSettings": { "minCapacity": 0, "maxCapacity": 5 + }, + "currentSku": { + "name": "BasicPool", + "tier": "Basic", + "capacity": 50 } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateAssignMaintenanceConfiguration.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateAssignMaintenanceConfiguration.json index 83a0d3a4c6cd..7d901414eabd 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateAssignMaintenanceConfiguration.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateAssignMaintenanceConfiguration.json @@ -32,6 +32,11 @@ "minCapacity": 0, "maxCapacity": 5 }, + "currentSku": { + "name": "BasicPool", + "tier": "Basic", + "capacity": 50 + }, "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_JapanEast_1" } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateMax.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateMax.json index 963060ea800e..6a5038950f6e 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateMax.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateMax.json @@ -42,6 +42,11 @@ "minCapacity": 0.25, "maxCapacity": 1.0 }, + "currentSku": { + "name": "BC_Gen4", + "tier": "BusinessCritical", + "capacity": 2 + }, "zoneRedundant": true, "licenseType": "LicenseIncluded" } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateMin.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateMin.json index 45f0775cf5b1..15389ad9f5e1 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateMin.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateMin.json @@ -27,6 +27,11 @@ "perDatabaseSettings": { "minCapacity": 0, "maxCapacity": 5 + }, + "currentSku": { + "name": "BC_Gen4", + "tier": "BusinessCritical", + "capacity": 2 } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateResetMaintenanceConfiguration.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateResetMaintenanceConfiguration.json index 371e56e96ed8..1944b875fce3 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateResetMaintenanceConfiguration.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateResetMaintenanceConfiguration.json @@ -31,6 +31,11 @@ "perDatabaseSettings": { "minCapacity": 0, "maxCapacity": 5 + }, + "currentSku": { + "name": "BasicPool", + "tier": "Basic", + "capacity": 50 } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateServerlessProperties.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateServerlessProperties.json index 0ede206c62cb..cc2e7c07ad2c 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateServerlessProperties.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateServerlessProperties.json @@ -45,13 +45,18 @@ "minCapacity": 0, "maxCapacity": 2.0, "autoPauseDelay": 80 + }, + "currentSku": { + "name": "GP_S_Gen5_2", + "tier": "GeneralPurpose", + "capacity": 2 } } } }, "202": { "headers": { - "Location": "https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlcrudtest-2369/providers/Microsoft.Sql/locations/japaneast1/operationStatus/default/operationId/00000000-0000-0000-0000-000000000000?api-version=2023-05-01" + "Location": "https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sqlcrudtest-2369/providers/Microsoft.Sql/locations/japaneast1/operationStatus/default/operationId/00000000-0000-0000-0000-000000000000?api-version=2025-02-01" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateWithDefaultPreferredEnclaveType.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateWithDefaultPreferredEnclaveType.json index bc70eaf6db49..feae6331d655 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateWithDefaultPreferredEnclaveType.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateWithDefaultPreferredEnclaveType.json @@ -36,6 +36,12 @@ "minCapacity": 0.0, "maxCapacity": 4.0 }, + "currentSku": { + "name": "GP_Gen5", + "tier": "GeneralPurpose", + "family": "Gen5", + "capacity": 4 + }, "zoneRedundant": false, "licenseType": "LicenseIncluded", "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateWithVBSPreferredEnclaveType.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateWithVBSPreferredEnclaveType.json index 6f33e6de5104..d79f89fb7975 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateWithVBSPreferredEnclaveType.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ElasticPoolUpdateWithVBSPreferredEnclaveType.json @@ -36,6 +36,12 @@ "minCapacity": 0.0, "maxCapacity": 4.0 }, + "currentSku": { + "name": "GP_Gen5", + "tier": "GeneralPurpose", + "family": "Gen5", + "capacity": 4 + }, "zoneRedundant": false, "licenseType": "LicenseIncluded", "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/EncryptionProtectorRevalidate.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/EncryptionProtectorRevalidate.json index a2084cda2cec..1779c6d628f8 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/EncryptionProtectorRevalidate.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/EncryptionProtectorRevalidate.json @@ -10,7 +10,7 @@ "200": {}, "202": { "headers": { - "Location": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Sql/locations/westus/encryptionProtectorOperationResults/00000000-1111-2222-3333-444444444444?api-version=2025-02-01-preview" + "Location": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Sql/locations/westus/encryptionProtectorOperationResults/00000000-1111-2222-3333-444444444444?api-version=2024-11-01-preview" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/GetElasticPoolWithAvailabilityZone.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/GetElasticPoolWithAvailabilityZone.json index 4d6e7848fee2..337a9470f03e 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/GetElasticPoolWithAvailabilityZone.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/GetElasticPoolWithAvailabilityZone.json @@ -27,6 +27,11 @@ "minCapacity": 0.25, "maxCapacity": 1.0 }, + "currentSku": { + "name": "GP_Gen5_2", + "tier": "GeneralPurpose", + "capacity": 2 + }, "zoneRedundant": true, "licenseType": "LicenseIncluded", "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_JapanEast_1", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/GetElasticPoolWithServerlessProperties.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/GetElasticPoolWithServerlessProperties.json index 803dcd8e91a5..db6a4c8cf362 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/GetElasticPoolWithServerlessProperties.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/GetElasticPoolWithServerlessProperties.json @@ -30,6 +30,11 @@ "maxCapacity": 1.0, "autoPauseDelay": 60 }, + "currentSku": { + "name": "GP_S_Gen5_2", + "tier": "GeneralPurpose", + "capacity": 2 + }, "zoneRedundant": true, "licenseType": "LicenseIncluded", "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_JapanEast_1" diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/GetImportExportOperationResultsByServer.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/GetImportExportOperationResultsByServer.json new file mode 100644 index 000000000000..e003a82d60d0 --- /dev/null +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/GetImportExportOperationResultsByServer.json @@ -0,0 +1,48 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "Default-SQL-EastUs", + "serverName": "testsvr", + "api-version": "2025-02-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "requestId": "5fa0abda-126c-4e9e-b06d-8f05973f7d71", + "requestType": "ExportDatabase", + "queuedTime": "07/15/2025 06:44:16", + "lastModifiedTime": "07/15/2025 06:49:04", + "blobUri": "https://teststorageaccount.blob.core.windows.net/testimportexport/students.bacpac ", + "serverName": "testsvr", + "databaseName": "testdb1", + "status": "Completed", + "privateEndpointConnections": [] + }, + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Default-SQL-EastUs/providers/Microsoft.Sql/servers/testsvr/importExportOperationResults/5fa0abda-126c-4e9e-b06d-8f05973f7d71", + "name": "5fa0abda-126c-4e9e-b06d-8f05973f7d71", + "type": "Microsoft.Sql/servers/importExportOperationResults" + }, + { + "properties": { + "requestId": "6fa0abda-626c-4e9e-b06e-8f05973f7d72", + "requestType": "ImportDatabase", + "queuedTime": "08/19/2025 09:24:36", + "lastModifiedTime": "08/19/2025 09:24:36", + "blobUri": "https://teststorageaccount.blob.core.windows.net/testimportexport/students.bacpac ", + "serverName": "testsvr", + "databaseName": "testdb2", + "status": "Completed", + "privateEndpointConnections": [] + }, + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Default-SQL-EastUs/providers/Microsoft.Sql/servers/testsvr/importExportOperationResults/6fa0abda-626c-4e9e-b06e-8f05973f7d72", + "name": "6fa0abda-626c-4e9e-b06e-8f05973f7d72", + "type": "Microsoft.Sql/servers/importExportOperationResults" + } + ] + } + } + } +} diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/HyperscaleElasticPoolCreateOrUpdateSetHighAvailabilityReplicaCount.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/HyperscaleElasticPoolCreateOrUpdateSetHighAvailabilityReplicaCount.json index d5be88191160..a3ca0dad075c 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/HyperscaleElasticPoolCreateOrUpdateSetHighAvailabilityReplicaCount.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/HyperscaleElasticPoolCreateOrUpdateSetHighAvailabilityReplicaCount.json @@ -37,6 +37,12 @@ "minCapacity": 0.0, "maxCapacity": 4.0 }, + "currentSku": { + "name": "HS_Gen5", + "tier": "Hyperscale", + "family": "Gen5", + "capacity": 4 + }, "zoneRedundant": false, "licenseType": "LicenseIncluded", "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default", @@ -68,6 +74,12 @@ "minCapacity": 0.0, "maxCapacity": 4.0 }, + "currentSku": { + "name": "HS_Gen5", + "tier": "Hyperscale", + "family": "Gen5", + "capacity": 4 + }, "zoneRedundant": false, "licenseType": "LicenseIncluded", "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/HyperscaleElasticPoolGet.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/HyperscaleElasticPoolGet.json index e199f619bb66..ab7e60b4d57a 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/HyperscaleElasticPoolGet.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/HyperscaleElasticPoolGet.json @@ -28,6 +28,12 @@ "minCapacity": 0.0, "maxCapacity": 4.0 }, + "currentSku": { + "name": "HS_Gen5", + "tier": "Hyperscale", + "family": "Gen5", + "capacity": 4 + }, "zoneRedundant": false, "licenseType": "LicenseIncluded", "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/HyperscaleElasticPoolUpdateSetHighAvailabilityReplicaCount.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/HyperscaleElasticPoolUpdateSetHighAvailabilityReplicaCount.json index f122b63dc386..0c97742c3647 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/HyperscaleElasticPoolUpdateSetHighAvailabilityReplicaCount.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/HyperscaleElasticPoolUpdateSetHighAvailabilityReplicaCount.json @@ -33,6 +33,12 @@ "minCapacity": 0.0, "maxCapacity": 4.0 }, + "currentSku": { + "name": "HS_Gen5", + "tier": "Hyperscale", + "family": "Gen5", + "capacity": 4 + }, "zoneRedundant": false, "licenseType": "LicenseIncluded", "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_Default", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ListVCoreDatabasesByServerWithOdata.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ListVCoreDatabasesByServerWithOdata.json new file mode 100644 index 000000000000..0f0901a6b573 --- /dev/null +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ListVCoreDatabasesByServerWithOdata.json @@ -0,0 +1,94 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "Default-SQL-SouthEastAsia", + "serverName": "testsvr", + "api-version": "2025-02-01-preview", + "filter": "$filter=startswith(Name, 'db')", + "orderby": "$orderby=Name desc", + "skip": "$skip=0", + "top": "$top=2" + }, + "responses": { + "200": { + "body": [ + { + "sku": { + "name": "BC_Gen5", + "tier": "BusinessCritical", + "capacity": 2 + }, + "kind": "v12.0,user,vcore", + "properties": { + "collation": "SQL_Latin1_General_CP1_CI_AS", + "maxSizeBytes": 268435456000, + "status": "Online", + "databaseId": "6c764297-577b-470f-9af4-96d3d41e2ba3", + "creationDate": "2017-06-07T04:41:33.937Z", + "currentServiceObjectiveName": "BC_Gen5_2", + "requestedServiceObjectiveName": "BC_Gen5_2", + "defaultSecondaryLocation": "North Europe", + "catalogCollation": "SQL_Latin1_General_CP1_CI_AS", + "licenseType": "LicenseIncluded", + "maxLogSizeBytes": 104857600, + "isInfraEncryptionEnabled": false, + "zoneRedundant": false, + "readScale": "Enabled", + "earliestRestoreDate": "2017-06-07T04:51:33.937Z", + "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_SouthEastAsia_1", + "currentSku": { + "name": "BC_Gen5", + "tier": "BusinessCritical", + "capacity": 2 + }, + "currentBackupStorageRedundancy": "Geo", + "requestedBackupStorageRedundancy": "Geo", + "isLedgerOn": false + }, + "location": "southeastasia", + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Default-SQL-SouthEastAsia/providers/Microsoft.Sql/servers/testsvr/databases/db2", + "name": "db2", + "type": "Microsoft.Sql/servers/databases" + }, + { + "sku": { + "name": "BC_Gen5", + "tier": "BusinessCritical", + "capacity": 2 + }, + "kind": "v12.0,user,vcore", + "properties": { + "collation": "SQL_Latin1_General_CP1_CI_AS", + "maxSizeBytes": 268435456000, + "status": "Online", + "databaseId": "6c764297-577b-470f-9af4-96d3d41e2ba3", + "creationDate": "2017-06-07T04:41:33.937Z", + "currentServiceObjectiveName": "BC_Gen5_2", + "requestedServiceObjectiveName": "BC_Gen5_2", + "defaultSecondaryLocation": "North Europe", + "catalogCollation": "SQL_Latin1_General_CP1_CI_AS", + "licenseType": "LicenseIncluded", + "maxLogSizeBytes": 104857600, + "isInfraEncryptionEnabled": false, + "zoneRedundant": false, + "readScale": "Enabled", + "earliestRestoreDate": "2017-06-07T04:51:33.937Z", + "maintenanceConfigurationId": "/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Maintenance/publicMaintenanceConfigurations/SQL_SouthEastAsia_1", + "currentSku": { + "name": "BC_Gen5", + "tier": "BusinessCritical", + "capacity": 2 + }, + "currentBackupStorageRedundancy": "Geo", + "requestedBackupStorageRedundancy": "Geo", + "isLedgerOn": false + }, + "location": "southeastasia", + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Default-SQL-SouthEastAsia/providers/Microsoft.Sql/servers/testsvr/databases/db1", + "name": "db1", + "type": "Microsoft.Sql/servers/databases" + } + ] + } + } +} diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/LockTimeBasedImmutabilityLongTermRetentionBackup.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/LockTimeBasedImmutabilityLongTermRetentionBackup.json index b592a7edb9d8..50928b2675b8 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/LockTimeBasedImmutabilityLongTermRetentionBackup.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/LockTimeBasedImmutabilityLongTermRetentionBackup.json @@ -23,7 +23,7 @@ }, "202": { "headers": { - "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2025-02-01-preview" + "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2024-11-01-preview" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedDatabaseReevaluateInaccessibleDatabaseState.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedDatabaseReevaluateInaccessibleDatabaseState.json index e0f998c28dcf..b3583f05634b 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedDatabaseReevaluateInaccessibleDatabaseState.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedDatabaseReevaluateInaccessibleDatabaseState.json @@ -24,8 +24,8 @@ }, "202": { "headers": { - "Location": "https://management.azure.com/subscriptions/f2669dff-5f08-45dd-b857-b2a60b72cdc9/providers/Microsoft.Sql/locations/southeastasia/managedDatabaseOperationResults/00000000-1111-2222-3333-444444444444?api-version=2025-02-01-preview", - "Azure-AsyncOperation": "https://management.azure.com/subscriptions/f2669dff-5f08-45dd-b857-b2a60b72cdc9/providers/Microsoft.Sql/locations/southeastasia/managedDatabaseAzureAsyncOperation/00000000-1111-2222-3333-444444444444?api-version=2025-02-01-preview" + "Location": "https://management.azure.com/subscriptions/f2669dff-5f08-45dd-b857-b2a60b72cdc9/providers/Microsoft.Sql/locations/southeastasia/managedDatabaseOperationResults/00000000-1111-2222-3333-444444444444?api-version=2024-11-01-preview", + "Azure-AsyncOperation": "https://management.azure.com/subscriptions/f2669dff-5f08-45dd-b857-b2a60b72cdc9/providers/Microsoft.Sql/locations/southeastasia/managedDatabaseAzureAsyncOperation/00000000-1111-2222-3333-444444444444?api-version=2024-11-01-preview" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstancValidateAzureKeyVaultEncryptionKey.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstancValidateAzureKeyVaultEncryptionKey.json index 9b86d1d60e09..85f7bb27cb37 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstancValidateAzureKeyVaultEncryptionKey.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstancValidateAzureKeyVaultEncryptionKey.json @@ -12,8 +12,8 @@ "200": {}, "202": { "headers": { - "Location": "https://management.azure.com/subscriptions/f2669dff-5f08-45dd-b857-b2a60b72cdc9/providers/Microsoft.Sql/locations/japaneast/managedInstanceOperationResults/00000000-1111-2222-3333-444444444444?api-version=2025-02-01-preview", - "Azure-AsyncOperation": "https://management.azure.com/subscriptions/f2669dff-5f08-45dd-b857-b2a60b72cdc9/providers/Microsoft.Sql/locations/japaneast/managedInstanceAzureAsyncOperation/00000000-1111-2222-3333-444444444444?api-version=2025-02-01-preview" + "Location": "https://management.azure.com/subscriptions/f2669dff-5f08-45dd-b857-b2a60b72cdc9/providers/Microsoft.Sql/locations/japaneast/managedInstanceOperationResults/00000000-1111-2222-3333-444444444444?api-version=2024-11-01-preview", + "Azure-AsyncOperation": "https://management.azure.com/subscriptions/f2669dff-5f08-45dd-b857-b2a60b72cdc9/providers/Microsoft.Sql/locations/japaneast/managedInstanceAzureAsyncOperation/00000000-1111-2222-3333-444444444444?api-version=2024-11-01-preview" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcGet.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcGet.json index e6a89ceb6d5e..a6dd15936498 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcGet.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcGet.json @@ -27,6 +27,7 @@ "dns.example2.com" ], "dtcHostNameDnsSuffix": "dtcHostNameSuffixExample.com", + "fqdnEnabled": false, "provisioningState": "Succeeded" }, "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/testrg/providers/Microsoft.Sql/managedInstances/testinstance/dtc/current", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcList.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcList.json index 5e5c18eb58d8..4cf0e7d4effd 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcList.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcList.json @@ -28,6 +28,7 @@ "dns.example2.com" ], "dtcHostNameDnsSuffix": "dtcHostNameSuffixExample.com", + "fqdnEnabled": false, "provisioningState": "Succeeded" }, "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/testrg/providers/Microsoft.Sql/managedInstances/testinstance/dtc/current", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcUpdateEnableDtc.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcUpdateEnableDtc.json index e5fac78cd55f..c312d90bb62f 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcUpdateEnableDtc.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcUpdateEnableDtc.json @@ -32,6 +32,7 @@ "dns.example2.com" ], "dtcHostNameDnsSuffix": "dtcHostNameSuffixExample.com", + "fqdnEnabled": false, "provisioningState": "Updating" }, "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/testrg/providers/Microsoft.Sql/managedInstances/testinstance/dtc/current", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcUpdateMax.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcUpdateMax.json index 7767169fc0c6..4dbbb7b6a97f 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcUpdateMax.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceDtcUpdateMax.json @@ -22,7 +22,8 @@ "externalDnsSuffixSearchList": [ "dns.example1.com", "dns.example2.com" - ] + ], + "fqdnEnabled": true } } }, @@ -47,6 +48,7 @@ "dns.example2.com" ], "dtcHostNameDnsSuffix": "dtcHostNameSuffixExample.com", + "fqdnEnabled": true, "provisioningState": "Updating" }, "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/testrg/providers/Microsoft.Sql/managedInstances/testinstance/dtc/current", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceReevaluateInaccessibleDatabaseState.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceReevaluateInaccessibleDatabaseState.json index 222777acc999..5435634ab8d1 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceReevaluateInaccessibleDatabaseState.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ManagedInstanceReevaluateInaccessibleDatabaseState.json @@ -9,8 +9,8 @@ "200": {}, "202": { "headers": { - "Location": "https://management.azure.com/subscriptions/f2669dff-5f08-45dd-b857-b2a60b72cdc9/providers/Microsoft.Sql/locations/japaneast/managedInstanceOperationResults/00000000-1111-2222-3333-444444444444?api-version=2025-02-01-preview", - "Azure-AsyncOperation": "https://management.azure.com/subscriptions/f2669dff-5f08-45dd-b857-b2a60b72cdc9/providers/Microsoft.Sql/locations/japaneast/managedInstanceAzureAsyncOperation/00000000-1111-2222-3333-444444444444?api-version=2025-02-01-preview" + "Location": "https://management.azure.com/subscriptions/f2669dff-5f08-45dd-b857-b2a60b72cdc9/providers/Microsoft.Sql/locations/japaneast/managedInstanceOperationResults/00000000-1111-2222-3333-444444444444?api-version=2024-11-01-preview", + "Azure-AsyncOperation": "https://management.azure.com/subscriptions/f2669dff-5f08-45dd-b857-b2a60b72cdc9/providers/Microsoft.Sql/locations/japaneast/managedInstanceAzureAsyncOperation/00000000-1111-2222-3333-444444444444?api-version=2024-11-01-preview" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/RemoveLegalHoldImmutabilityLongTermRetentionBackup.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/RemoveLegalHoldImmutabilityLongTermRetentionBackup.json index 03c73b8678f1..533e85529ba3 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/RemoveLegalHoldImmutabilityLongTermRetentionBackup.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/RemoveLegalHoldImmutabilityLongTermRetentionBackup.json @@ -23,7 +23,7 @@ }, "202": { "headers": { - "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2025-02-01-preview" + "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2024-11-01-preview" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/RemoveTimeBasedImmutabilityLongTermRetentionBackup.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/RemoveTimeBasedImmutabilityLongTermRetentionBackup.json index 609b6986ed7a..4b4da3063521 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/RemoveTimeBasedImmutabilityLongTermRetentionBackup.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/RemoveTimeBasedImmutabilityLongTermRetentionBackup.json @@ -23,7 +23,7 @@ }, "202": { "headers": { - "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2025-02-01-preview" + "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2024-11-01-preview" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedChangeLongTermRetentionBackupAccessTier.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedChangeLongTermRetentionBackupAccessTier.json index bf896b095174..45a0cfd2abcb 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedChangeLongTermRetentionBackupAccessTier.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedChangeLongTermRetentionBackupAccessTier.json @@ -31,7 +31,7 @@ }, "202": { "headers": { - "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/resourceGroupName/providers/Microsoft.Sql/locations/japaneast/longTermRetentionServers/serverName/longTermRetentionDatabases/databaseName/longTermRetentionBackups/55555555-6666-7777-8888-999999999999;131637960820000000;Archive/operations/55555555-6666-7777-8888-999999999999?api-version=2025-02-01-preview" + "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/resourceGroupName/providers/Microsoft.Sql/locations/japaneast/longTermRetentionServers/serverName/longTermRetentionDatabases/databaseName/longTermRetentionBackups/55555555-6666-7777-8888-999999999999;131637960820000000;Archive/operations/55555555-6666-7777-8888-999999999999?api-version=2024-11-01-preview" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedLockTimeBasedImmutabilityLongTermRetentionBackup.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedLockTimeBasedImmutabilityLongTermRetentionBackup.json index 31444afc4dde..6a9a084125af 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedLockTimeBasedImmutabilityLongTermRetentionBackup.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedLockTimeBasedImmutabilityLongTermRetentionBackup.json @@ -24,7 +24,7 @@ }, "202": { "headers": { - "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/resourceGroupName/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2025-02-01-preview" + "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/resourceGroupName/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2024-11-01-preview" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedRemoveLegalHoldImmutabilityLongTermRetentionBackup.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedRemoveLegalHoldImmutabilityLongTermRetentionBackup.json index 9442671ec517..5ed6f81d2053 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedRemoveLegalHoldImmutabilityLongTermRetentionBackup.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedRemoveLegalHoldImmutabilityLongTermRetentionBackup.json @@ -24,7 +24,7 @@ }, "202": { "headers": { - "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/resourceGroupName/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2025-02-01-preview" + "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/resourceGroupName/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2024-11-01-preview" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedRemoveTimeBasedImmutabilityLongTermRetentionBackup.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedRemoveTimeBasedImmutabilityLongTermRetentionBackup.json index 60900f619145..21076be38a26 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedRemoveTimeBasedImmutabilityLongTermRetentionBackup.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedRemoveTimeBasedImmutabilityLongTermRetentionBackup.json @@ -24,7 +24,7 @@ }, "202": { "headers": { - "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/resourceGroupName/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2025-02-01-preview" + "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/resourceGroupName/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2024-11-01-preview" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedSetLegalHoldImmutabilityLongTermRetentionBackup.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedSetLegalHoldImmutabilityLongTermRetentionBackup.json index fbed3cdebe0a..ac5a5f64cffe 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedSetLegalHoldImmutabilityLongTermRetentionBackup.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ResourceGroupBasedSetLegalHoldImmutabilityLongTermRetentionBackup.json @@ -24,7 +24,7 @@ }, "202": { "headers": { - "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/resourceGroupName/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2025-02-01-preview" + "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/resourceGroupName/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2024-11-01-preview" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerCreate.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerCreate.json index d46058770d25..74fdb9b5d7a3 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerCreate.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerCreate.json @@ -15,11 +15,9 @@ "tenantId": "00000011-1111-2222-2222-123456789111", "azureADOnlyAuthentication": true }, - "createMode": "Normal", "publicNetworkAccess": "Enabled", "restrictOutboundNetworkAccess": "Enabled", - "isIPv6Enabled": "Enabled", - "retentionDays": 7 + "isIPv6Enabled": "Enabled" }, "location": "Japan East" } @@ -40,7 +38,6 @@ "publicNetworkAccess": "Enabled", "restrictOutboundNetworkAccess": "Enabled", "isIPv6Enabled": "Enabled", - "retentionDays": 7, "administrators": { "principalType": "User", "login": "bob@contoso.com", @@ -80,7 +77,6 @@ "publicNetworkAccess": "Enabled", "restrictOutboundNetworkAccess": "Enabled", "isIPv6Enabled": "Enabled", - "retentionDays": 7, "version": "12.0", "state": "Ready", "administrators": { diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerGet.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerGet.json index b54c5c4727d9..3f5e73f02b58 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerGet.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerGet.json @@ -25,7 +25,6 @@ "publicNetworkAccess": "Enabled", "restrictOutboundNetworkAccess": "Enabled", "isIPv6Enabled": "Enabled", - "retentionDays": 7, "externalGovernanceStatus": "Enabled", "privateEndpointConnections": [ { diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerGetWithExpandEqualsAdministrators.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerGetWithExpandEqualsAdministrators.json index de77bca5e95d..76fb8818dab8 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerGetWithExpandEqualsAdministrators.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerGetWithExpandEqualsAdministrators.json @@ -25,7 +25,6 @@ "publicNetworkAccess": "Enabled", "restrictOutboundNetworkAccess": "Enabled", "isIPv6Enabled": "Enabled", - "retentionDays": 7, "externalGovernanceStatus": "Enabled", "administrators": { "principalType": "User", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerListByResourceGroup.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerListByResourceGroup.json index b37cbecd6a1c..5587a17640a3 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerListByResourceGroup.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerListByResourceGroup.json @@ -23,7 +23,6 @@ "publicNetworkAccess": "Enabled", "restrictOutboundNetworkAccess": "Enabled", "isIPv6Enabled": "Enabled", - "retentionDays": 7, "externalGovernanceStatus": "Enabled", "privateEndpointConnections": [ { @@ -58,7 +57,6 @@ "publicNetworkAccess": "Enabled", "restrictOutboundNetworkAccess": "Enabled", "isIPv6Enabled": "Enabled", - "retentionDays": 7, "externalGovernanceStatus": "Enabled", "privateEndpointConnections": [ { diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerListByResourceGroupWithExpandEqualsAdministrators.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerListByResourceGroupWithExpandEqualsAdministrators.json index 724f132986a5..6d2d1a1fa70c 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerListByResourceGroupWithExpandEqualsAdministrators.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerListByResourceGroupWithExpandEqualsAdministrators.json @@ -23,7 +23,6 @@ "publicNetworkAccess": "Enabled", "restrictOutboundNetworkAccess": "Enabled", "isIPv6Enabled": "Enabled", - "retentionDays": 7, "externalGovernanceStatus": "Enabled", "administrators": { "principalType": "User", @@ -65,7 +64,6 @@ "publicNetworkAccess": "Enabled", "restrictOutboundNetworkAccess": "Enabled", "isIPv6Enabled": "Enabled", - "retentionDays": 7, "externalGovernanceStatus": "Enabled", "administrators": { "principalType": "User", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerListWithExpandEqualsAdministrators.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerListWithExpandEqualsAdministrators.json index 881a97af2ba0..cb96c37aec04 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerListWithExpandEqualsAdministrators.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerListWithExpandEqualsAdministrators.json @@ -22,7 +22,6 @@ "publicNetworkAccess": "Enabled", "restrictOutboundNetworkAccess": "Enabled", "isIPv6Enabled": "Enabled", - "retentionDays": 7, "externalGovernanceStatus": "Enabled", "administrators": { "principalType": "User", @@ -64,7 +63,6 @@ "publicNetworkAccess": "Enabled", "restrictOutboundNetworkAccess": "Enabled", "isIPv6Enabled": "Enabled", - "retentionDays": 7, "externalGovernanceStatus": "Enabled", "administrators": { "principalType": "User", diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerUpdate.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerUpdate.json index c980e18846e0..33618217b135 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerUpdate.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/ServerUpdate.json @@ -10,8 +10,7 @@ "administratorLoginPassword": "placeholder", "publicNetworkAccess": "Disabled", "restrictOutboundNetworkAccess": "Enabled", - "isIPv6Enabled": "Enabled", - "retentionDays": 7 + "isIPv6Enabled": "Enabled" } } }, @@ -34,7 +33,6 @@ "publicNetworkAccess": "Disabled", "restrictOutboundNetworkAccess": "Enabled", "isIPv6Enabled": "Enabled", - "retentionDays": 7, "privateEndpointConnections": [ { "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-7398/providers/Microsoft.Sql/servers/sqlcrudtest-4645/privateEndpointConnections/private-endpoint-name-00000000-1111-2222-3333-444444444444", @@ -56,7 +54,7 @@ }, "202": { "headers": { - "Location": "https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/Microsoft.Sql/locations/japaneast/serverOperationResults/00000000-0000-0000-0000-000000000000?api-version=2024-08-01" + "Location": "https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/Microsoft.Sql/locations/japaneast/serverOperationResults/00000000-0000-0000-0000-000000000000?api-version=2024-11-01" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/SetLegalHoldImmutabilityLongTermRetentionBackup.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/SetLegalHoldImmutabilityLongTermRetentionBackup.json index a65625f53d4a..58cec8babfda 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/SetLegalHoldImmutabilityLongTermRetentionBackup.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/SetLegalHoldImmutabilityLongTermRetentionBackup.json @@ -23,7 +23,7 @@ }, "202": { "headers": { - "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2025-02-01-preview" + "Azure-AsyncOperation": "https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/providers/Microsoft.Sql/locations/japaneast/longTermRetentionBackupAzureAsyncOperation/01234567-890a-bcde-f012-34567890abcd?api-version=2024-11-01-preview" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/SqlVulnerabilityAssessmentScan.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/SqlVulnerabilityAssessmentScan.json index d8c34ff91cfe..a1fdc86836a5 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/SqlVulnerabilityAssessmentScan.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/SqlVulnerabilityAssessmentScan.json @@ -21,7 +21,7 @@ "server": "vulnerabilityassessmenttest-6411", "database": "master", "sqlVersion": "15.0.2000", - "startTime": "2020-06-22T23:49:00.6455136-07:00", + "startTime": "2020-06-23T12:19:00.6455136+05:30", "endTime": "2020-06-23T06:49:00.7236217Z", "highSeverityFailedRulesCount": 3, "mediumSeverityFailedRulesCount": 2, @@ -30,7 +30,7 @@ "totalFailedRulesCount": 6, "totalRulesCount": 26, "isBaselineApplied": false, - "lastScanTime": "2020-06-22T23:49:00.6455136-07:00" + "lastScanTime": "2020-06-23T12:19:00.6455136+05:30" } } } diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/SqlVulnerabilityAssessmentScanRecordsListByDatabase.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/SqlVulnerabilityAssessmentScanRecordsListByDatabase.json index 78820247a61d..b2e2f64e169d 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/SqlVulnerabilityAssessmentScanRecordsListByDatabase.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2025-02-01-preview/examples/SqlVulnerabilityAssessmentScanRecordsListByDatabase.json @@ -22,7 +22,7 @@ "server": "vulnerabilityassessmenttest-6411", "database": "master", "sqlVersion": "15.0.2000", - "startTime": "2020-06-22T23:49:00.6455136-07:00", + "startTime": "2020-06-23T12:19:00.6455136+05:30", "endTime": "2020-06-23T06:49:00.7236217Z", "highSeverityFailedRulesCount": 3, "mediumSeverityFailedRulesCount": 2, @@ -31,7 +31,7 @@ "totalFailedRulesCount": 6, "totalRulesCount": 26, "isBaselineApplied": false, - "lastScanTime": "2020-06-22T23:49:00.6455136-07:00" + "lastScanTime": "2020-06-23T12:19:00.6455136+05:30" } }, { @@ -45,7 +45,7 @@ "server": "vulnerabilityassessmenttest-6411", "database": "master", "sqlVersion": "15.0.2000", - "startTime": "2020-06-22T23:49:00.6455136-07:00", + "startTime": "2020-06-23T12:19:00.6455136+05:30", "endTime": "2020-06-23T06:49:00.7236217Z", "highSeverityFailedRulesCount": 3, "mediumSeverityFailedRulesCount": 2, @@ -54,7 +54,7 @@ "totalFailedRulesCount": 6, "totalRulesCount": 26, "isBaselineApplied": false, - "lastScanTime": "2020-06-22T23:49:00.6455136-07:00" + "lastScanTime": "2020-06-23T12:19:00.6455136+05:30" } }, { @@ -68,7 +68,7 @@ "server": "vulnerabilityassessmenttest-6411", "database": "master", "sqlVersion": "15.0.2000", - "startTime": "2020-06-22T23:49:00.6455136-07:00", + "startTime": "2020-06-23T12:19:00.6455136+05:30", "endTime": "2020-06-23T06:49:00.7236217Z", "highSeverityFailedRulesCount": 0, "mediumSeverityFailedRulesCount": 0, @@ -77,7 +77,7 @@ "totalFailedRulesCount": 6, "totalRulesCount": 26, "isBaselineApplied": true, - "lastScanTime": "2020-06-22T23:49:00.6455136-07:00" + "lastScanTime": "2020-06-23T12:19:00.6455136+05:30" } } ]