Azure SQL Managed Instance is transitioning from manual to service-aided subnet configuration.
With service-aided subnet configuration the user is in control, and the network requirements to deploy a managed instance are as follows:
Dedicated subnet: The managed instance’s subnet can’t contain any other cloud service that’s associated with it, and it can’t be a gateway subnet. The subnet can’t contain any resource but the managed instance, and you can’t later add other types of resources in the subnet.
Subnet delegation: The managed instance’s subnet needs to be delegated to the Microsoft.Sql/managedInstances resource provider.
Network security group (NSG): An NSG needs to be associated with the managed instance’s subnet. You can use an NSG to control access to the managed instance’s data endpoint by filtering traffic on port 1433 and ports 11000-11999 when the managed instance is configured for redirect connections. The service will automatically add the rules required to allow uninterrupted flow of management traffic.
User defined route (UDR) table: A UDR table needs to be associated with the managed instance’s subnet. You can add entries to the route table to route traffic that has on-premises private IP ranges as a destination through the virtual network gateway or virtual network appliance (NVA). The service will automatically add the entries required to allow uninterrupted flow of management traffic.
Service endpoints: Service endpoints could be used to configure virtual network rules on storage accounts that keep backups / audit logs.
Sufficient IP addresses: The managed instance subnet must have at least 16 IP addresses. The recommended minimum is 32 IP addresses. For more information, see Determine the size of the subnet for managed instances.
You can deploy managed instances in the existing network after you configure it to satisfy the networking requirements for managed instances. Otherwise, create a new network and subnet.
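The requirements above can be checked before deployment. The following is an added example, not Microsoft's code: it audits a subnet description for the delegation, NSG, UDR table and address-count requirements listed here. It assumes the subnet is given as a dict shaped like the JSON printed by `az network vnet subnet show`; the function name `check_mi_subnet` is hypothetical and the sample subnets are constructed.

```python
import ipaddress

REQUIRED_DELEGATION = "Microsoft.Sql/managedInstances"
MIN_ADDRESSES, RECOMMENDED_ADDRESSES = 16, 32

def check_mi_subnet(subnet):
    """Return (errors, warnings) for one subnet dict (assumed az CLI JSON shape)."""
    errors, warnings = [], []
    # Azure gateway subnets carry the fixed name "GatewaySubnet".
    if str(subnet.get("name") or "").lower() == "gatewaysubnet":
        errors.append("gateway subnet cannot host a managed instance")
    services = [d.get("serviceName") for d in subnet.get("delegations") or []]
    if REQUIRED_DELEGATION not in services:
        errors.append(f"subnet is not delegated to {REQUIRED_DELEGATION}")
    # Both an NSG and a UDR table must be associated with the subnet.
    for key, label in (("networkSecurityGroup", "NSG"), ("routeTable", "UDR table")):
        if not (subnet.get(key) or {}).get("id"):
            errors.append(f"no {label} associated with the subnet")
    try:
        prefix = str(subnet.get("addressPrefix") or "")
        size = ipaddress.ip_network(prefix, strict=False).num_addresses
    except ValueError:
        errors.append("addressPrefix is missing or invalid")
    else:
        if size < MIN_ADDRESSES:
            errors.append(f"{size} addresses, at least {MIN_ADDRESSES} required")
        elif size < RECOMMENDED_ADDRESSES:
            warnings.append(f"{size} addresses, {RECOMMENDED_ADDRESSES} recommended")
    return errors, warnings

# Constructed sample input: one compliant subnet, one that fails several checks.
COMPLIANT = {
    "name": "mi-subnet",
    "addressPrefix": "10.0.1.0/27",
    "delegations": [{"serviceName": "Microsoft.Sql/managedInstances"}],
    "networkSecurityGroup": {"id": "/subscriptions/EXAMPLE/nsg-mi"},
    "routeTable": {"id": "/subscriptions/EXAMPLE/rt-mi"},
}
NON_COMPLIANT = {
    "name": "shared-subnet",
    "addressPrefix": "10.0.2.0/29",
    "delegations": [],
    "networkSecurityGroup": {"id": "/subscriptions/EXAMPLE/nsg-shared"},
    "routeTable": None,
}

if __name__ == "__main__":
    for candidate in (COMPLIANT, NON_COMPLIANT):
        errs, warns = check_mi_subnet(candidate)
        print(candidate["name"], "errors:", errs, "warnings:", warns)
```
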