question

surya1509 avatar image
0 Votes"
surya1509 asked KalyanChanumolu-MSFT answered

Restore TDS enabled Managed instance database to on premise sql server

I have a Azure Managed instance database with TDE enabled (customer managed keys) , i need to take copy_only .bak backup for this MI database to azure blob storage using SAS URL(I achieved this by creating certificate and running Tsql query) . Now my use case is i need to move this backup file to on premise and restore it , is this even a viable option? I dont want to use dacpac/backpac export it has to be .bak restore process

  • Should the on premise sql server needs to be TDE enabled?

  • Do i need to export the azure managed instance database Customer managed key to on prem?





azure-database-migration
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@surya1509 Thank you for reaching out.

Is your Customer Managed Key generated by the KeyVault or did you import a certificate?
You mentioned, copy only backup was generated by creating a certificate. Could you please elaborate on the process you followed?

0 Votes 0 ·
surya1509 avatar image surya1509 KalyanChanumolu-MSFT ·

Hi kalyan,
I have taken the copy only backup by disabling the TDE and used a SAS certificate to place the backup file on Azure blob storage. I wanted to see without disabling TDE , can I generate a key in key vault and use that as a customer managed key and do the same processs?

My main question is , is it even feasible option to restore a .bak backup file (encrypted) on on-premise sql server ?

0 Votes 0 ·

1 Answer

KalyanChanumolu-MSFT avatar image
0 Votes"
KalyanChanumolu-MSFT answered

@surya1509 Thank you for providing more context.

If you cannot use a bacpac and must use a .bak file to restore the database, I would recommend disabling TDE and then taking a backup from MI.
You can then configure TDE on your on-premises SQL Server separately.


If an answer is helpful, please "Accept answer" or "Up-Vote" which might help other community members reading this thread.
And if you have further questions or issues, please let us know.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.