Your company has a critical Azure SQL Database named SalesDB in the West US region. To meet disaster recovery requirements, you configured active geo-replication with a readable secondary replica in East US. You need to automate failover in the event of a regional outage. The solution must ensure that the failover is initiated automatically based on health metrics and that the application connection string is updated to point to the new primary. Currently, the application uses a connection string with the primary server name. You have the following requirements: minimize manual intervention, use built-in Azure features, and ensure that failover is tested regularly. You consider the following options: A) Use Azure Traffic Manager with endpoint monitoring to route traffic to the primary and automatically failover. B) Configure auto-failover group with read-write failover policy and grace period. C) Create an Azure Logic App that queries the database health and runs a PowerShell script to perform failover and update DNS. D) Use Azure Automation with a runbook that checks the database status and initiates failover via REST API. Which option best meets the requirements?
Auto-failover groups automatically fail over based on health metrics and provide a listener endpoint that updates automatically.
Why this answer
Option C is correct because auto-failover groups are the built-in Azure feature designed specifically for automating failover of Azure SQL Database geo-replication. They support a read-write failover policy with a configurable grace period that automatically triggers failover based on health metrics, and they automatically update the connection string endpoint for applications using the failover group listener name, not the individual server name. This minimizes manual intervention and allows regular testing via manual failover without affecting the production environment.
Exam trap
The trap here is that candidates may think custom automation (Logic App or Automation runbook) is needed for automatic failover, but they overlook that auto-failover groups already provide built-in, policy-driven automatic failover with connection string transparency, which is the simplest and most reliable solution for this scenario.
How to eliminate wrong answers
Option A is wrong because Azure Traffic Manager operates at the DNS level and does not natively understand Azure SQL Database geo-replication health metrics; it cannot automatically trigger a geo-failover or update the database replication state, and it would require custom endpoint monitoring and manual failover scripts. Option B is wrong because creating a Logic App that runs a PowerShell script introduces custom code, manual maintenance, and potential latency, which does not minimize manual intervention or use built-in Azure features as effectively as auto-failover groups. Option D is wrong because Azure Automation with a runbook that checks database status and initiates failover via REST API is a custom solution that requires development, testing, and ongoing management, and it does not provide automatic connection string updates or the built-in grace period and health monitoring of auto-failover groups.