Merge pull request #36924 from MashaMSFT/fixes

Add permissions section to SQL MI auditing article

Author: prmerger-automator[bot]

azure-sql/managed-instance/auditing-configure.md

@@ -4,7 +4,7 @@ description: Learn how to get started with Azure SQL Managed Instance auditing u
 author: sravanisaluru
 ms.author: srsaluru
 ms.reviewer: vanto, randolphwest, mathoma
-ms.date: 08/27/2025
+ms.date: 03/20/2026
 ms.service: azure-sql-managed-instance
 ms.subservice: security
 ms.topic: how-to
@@ -19,7 +19,7 @@ f1_keywords:
 
 [!INCLUDE [appliesto-sqlmi](../includes/appliesto-sqlmi.md)]
 
-[Azure SQL Managed Instance](sql-managed-instance-paas-overview.md) auditing tracks database events and writes them to an audit log in your Azure storage account. 
+This article teaches you to configure auditing for [Azure SQL Managed Instance](sql-managed-instance-paas-overview.md). Auditing tracks database events and writes them to an audit log in your Azure storage account. 
 
 Auditing also:
 
@@ -304,6 +304,20 @@ The key differences in the `CREATE AUDIT` syntax for auditing to Azure Blob stor
 - Shutdown option is **not supported**.
 - `queue_delay` of 0 is **not supported**.
 
+## Permissions
+
+To set up auditing, you need database permissions within SQL managed instance, and you also need permissions to the Azure resources that are used for storing and accessing the audit logs.
+
+To set up SQL managed instance auditing you need to following database permissions:
+
+|Database permissions  |Configure audit  |View audit logs using T-SQL  |
+|---------|---------|---------|
+|**VIEW DATABASE SECURITY AUDIT** |No|Yes|
+|**ALTER ANY DATABASE AUDIT**      | Yes        | No        |
+|**CONTROL DATABASE**          | Yes        | Yes        |
+
+To configure auditing to Azure storage, you need the **Storage blob data contributor** role on the storage account or higher permissions. To configure auditing to Event Hubs or Log Analytics, you need the **Monitoring Contributor** role or higher permissions on the resource group where the Event Hub or Log Analytics workspace is provisioned.
+
 ## Next step
 
 > [!div class="nextstepaction"]

azure-sql/managed-instance/frequently-asked-questions-faq.yml

@@ -135,10 +135,6 @@ sections:
 
   - name: Free SQL Managed Instance offer
     questions:
-      - question: What if I don't see the banner and "Apply Offer" button?
-        answer: |
-          It's possible your subscription isn't eligible for the [free SQL Managed Instance](free-offer.md#supportability). Otherwise, there's a limit of one free instance per subscription. You need to remove an existing free instance to create another one. If you recently deleted your free instance, it can take up to one hour for the free offer banner to reappear.
-
       - question: Help! I'm no longer able to connect to my instance!
         answer: |
           It's likely you ran out of credits for the month. Go to your SQL managed instance in the Azure portal and check the state. See if your instance is in a stopped state due to insufficient credits.
@@ -149,23 +145,19 @@ sections:
 
       - question: Can I restore a database to the free instance?
         answer: |
-          Yes, you can restore an [automated backup](recovery-using-backups.md) from Azure storage, or you can [Restore a database backup by using SQL Server Management Studio (SSMS)](restore-sample-database-quickstart.md).
+          Yes, you can restore [automated backups](recovery-using-backups.md) from other SQL managed instances, or you can [Restore an on-premises database backup by using SQL Server Management Studio (SSMS)](restore-sample-database-quickstart.md) or by running a `RESTORE DATABASE` command and targeting `.bak` files from Azure storage or S3 buckets.
 
       - question: Does the free Azure SQL Managed Instance offer provide a production-quality instance?
         answer: |
           Despite the resource limitations, the free SQL Managed is designed to let you test your workloads without any impact. The performance you experience while using the free SQL Managed Instance is identical to the performance of a production version of the instance.
 
       - question: Can I upgrade to a larger or more powerful instance?
         answer: |
-          The free SQL Managed Instance offers 4 and 8 vCore options. If your business requires an instance with more resources, create a fully fledged paid SQL Managed Instance.
+          The free SQL Managed Instance offers only 4 and 8 vCore options. If your business requires an instance with more resources, consider upgrading it to a fully fledged paid SQL Managed Instance.
 
       - question: Can I change the backup option to geo-redundant storage?
         answer: |
-          Backup options can't be changed for the free SQL Managed Instance.
-
-      - question: Can I use my Student subscription with the free Azure SQL Managed Instance?
-        answer: |
-          Currently, the Student subscription is ineligible. For eligible subscriptions, review the [free SQL Managed Instance offer supportability](free-offer.md#supportability).
+          Free SQL Managed Instance only supports PITR up to 7 days. Other backup options can't be modified for the free SQL Managed Instance.
 
   - name: Naming conventions
     questions:

docs/relational-databases/track-changes/known-issues-and-errors-change-data-capture.md

@@ -95,12 +95,13 @@ When the data type of a column on a CDC-enabled table is changed to an unsupport
 The following are examples of `ALTER COLUMN` data type changes that aren't supported when CDC is enabled on a table:
 
 - **bigint** to **int**
-- **char(x)**, **nvarchar(x)**, or **nvarchar(x)** to **uniqueidentifier**, **DATE**, or **INT**
+- **char(x)**, **nvarchar(x)**, or **nvarchar(x)** to **uniqueidentifier**, **DATE**, **Numeric** or **INT**
 
 Changing the data type of a column in a CDC-enabled table can result in the following errors: 
 
 - [Error 241](#error-241---conversion-failed-when-converting-date-andor-time-from-character-string) - Conversion failed when converting date and/or time from character string.
-- [Error 245](#error-245---conversion-failed-when-converting-the-value-from-string-to-int) - Conversion failed when converting the value. 
+- [Error 245](#error-245---conversion-failed-when-converting-the-value-from-string-to-int) - Conversion failed when converting the value.
+- [Error 8114](#error-8114---conversion-failed-when-converting-from-a-character-string-to-numeric-value) - Conversion failed when converting from a character string to numeric value.
 - [Error 8169](#error-8169---conversion-failed-when-converting-from-a-character-string-to-uniqueidentifier) - Conversion failed when converting from a character string to uniqueidentifier.
 
 Changing the size of columns of a CDC-enabled table using DDL statements can cause issues with the subsequent CDC capture process can result in the following errors: 
@@ -239,6 +240,12 @@ These are the different troubleshooting categories included in this section:
 
 * **Recommendation**: Before making any changes to column size, you must assess whether the alteration is compatible with the existing data in CDC change tables. To address this problem, you need to disable and re-enable CDC for your database. For more information about enabling CDC for a database or a table, see [Enable CDC for a database](enable-and-disable-change-data-capture-sql-server.md#enable-for-a-database) and [Enable CDC for a table](enable-and-disable-change-data-capture-sql-server.md#enable-for-a-table).
 
+#### Error 8114 - Conversion failed when converting from a character string to numeric value
+
+* **Cause**: This error occurs when an [ALTER COLUMN](../../t-sql/statements/alter-table-transact-sql.md#alter-column) command is issued to change the data type of a column when the table has CDC enabled. For example, if a table has a **char(x)**, **nvarchar(x)**, **nvarchar(x)** column and you change the data type to **numeric** (such as: `ALTER TABLE table_name ALTER COLUMN [column_name] numeric`), you might see this error in the [sys.dm_cdc_errors](../system-dynamic-management-views/change-data-capture-sys-dm-cdc-errors.md) Dynamic Management View (DMV). Error 8114 indicates an unsupported data conversion in the change table, even though the ALTER command on the source table succeeds.
+
+* **Recommendation**: To resolve this issue, disable and re-enable CDC for your table after altering the column. Alternatively, disable CDC before running the `ALTER COLUMN` command, and then reenable CDC after the `ALTER COLUMN` change.
+
 #### Error 8115 - Arithmetic overflow error converting data type from bigint to int
 
 * **Cause**: This error occurs when an [ALTER COLUMN](../../t-sql/statements/alter-table-transact-sql.md#alter-column) DDL is executed on a CDC-enabled table that results in a decrease in the precision of the column (such as changing the data type of the column from **bigint** to **int**). The decreased precision column is unable to hold the values present in the change table.
@@ -247,10 +254,12 @@ These are the different troubleshooting categories included in this section:
 
 #### Error 8169 - Conversion failed when converting from a character string to uniqueidentifier
 
-* **Cause**: This error occurs when an [ALTER COLUMN](../../t-sql/statements/alter-table-transact-sql.md#alter-column) command is issued to change the data type of a column when table has CDC enabled. For example, if a table has a **char(x)**, **nvarchar(x)**, **nvarchar(x)** column and you change the data type to **uniqueidentifier** (such as: `ALTER TABLE table_name ALTER COLUMN [column_name] uniqueidentifier`), you might see this error in the [sys.dm_cdc_errors](../system-dynamic-management-views/change-data-capture-sys-dm-cdc-errors.md) Dynamic Management View (DMV). Error 8169 indicates an unsupported data conversion in the change table, even though the ALTER command on the source table succeeds.
+* **Cause**: This error occurs when an [ALTER COLUMN](../../t-sql/statements/alter-table-transact-sql.md#alter-column) command is issued to change the data type of a column when the table has CDC enabled. For example, if a table has a **char(x)**, **nvarchar(x)**, **nvarchar(x)** column and you change the data type to **uniqueidentifier** (such as: `ALTER TABLE table_name ALTER COLUMN [column_name] uniqueidentifier`), you might see this error in the [sys.dm_cdc_errors](../system-dynamic-management-views/change-data-capture-sys-dm-cdc-errors.md) Dynamic Management View (DMV). Error 8169 indicates an unsupported data conversion in the change table, even though the ALTER command on the source table succeeds.
 
 * **Recommendation**: To resolve this issue, disable and re-enable CDC for your table after altering the column. Alternatively, disable CDC before running the `ALTER COLUMN` command, and then reenable CDC after the `ALTER COLUMN` change.
 
+
+
 ## Create user and assign role
 
 If the `cdc user` was removed, you can manually add the user back.