Updated EOS documentation

samples/manage/sql-server-extended-security-updates/readme.md

@@ -1,18 +1,87 @@
-# SQL Server 2008/2008R2 Extended Security Updates
-If you’re running SQL Server 2008 or 2008 R2, these versions are reaching the end of their support lifecycle on July 9, 2019.      
-Each version is backed by a minimum of 10 years of support (5 years for Mainstream Support and 5 years for Extended Support) including regular security updates.      
-End of support means the end of security updates, which can cause security and compliance issues and put applications and business at risk.      
-We recommend upgrading to current versions for the most advanced security, performance, and innovation.      
-For customers that can’t get it all upgraded by the deadline, new options help protect applications and data during the upgrade transition:     
--  Migrate your existing SQL Server 2008 and 2008R2 workloads as-is to Azure and receive additional 3 years of free Extended Security Updates (if and when available)
--  Purchase Extended Security Updates for your servers and remain protected for up to 3 years until you are ready to upgrade to a newer SQL Server version
+# SQL Server 2008/2008 R2 Extended Security Updates (ESUs)
+SQL Server 2008 and SQL Server 2008 R2 have reached the end of their support lifecycle on July 9, 2019. 
+Each version is backed by a minimum of 10 years of support (5 years for Mainstream Support and 5 years for Extended Support) including regular security updates. 
+End of support means the end of security updates, which can cause security and compliance issues and put applications and business at risk. 
+We recommend upgrading to current versions for the most advanced security, performance, and innovation. 
+
+For customers that couldn’t get all servers upgraded by the deadline, new options help protect applications and data during the upgrade transition:
+-  Migrate your existing SQL Server 2008 and 2008 R2 workloads as-is to Azure Virtual Machines, and receive additional three years of free Extended Security Updates (if and when available).
+-  Purchase Extended Security Updates for your servers and remain protected until you are ready to upgrade to a newer SQL Server version, for up to three years after the End of Support date.
+
+Microsoft recommends applying Extended Security Update patches as soon as they are available to keep their environment protected.
+
+---
+
+## Table of Contents
+
+-  [Useful links](#Useful-links)
+-  [What are Extended Security Updates for SQL Server](#What)
+-  [Prepare to register SQL Server instances for ESUs](#Registry)
+-  [Registering SQL Server instances for ESUs](#Register)
+-  [How to download Extended Security Updates](#Download)
+-  [Script examples](#scripts)
+
+---
 
 ## Useful links
-[SQL Server 2008/2008R2 end of support page](https://aka.ms/sqleos)     
-[Extended Security Updates frequently asked questions](https://aka.ms/sqleosfaq)     
+- [SQL Server 2008 / 2008 R2 lifecycle page](https://support.microsoft.com/en-us/lifecycle/search?alpha=sql%20server%202008)
+- [SQL Server 2008 / 2008 R2 end of support page](https://aka.ms/sqleos)     
+- [Extended Security Updates frequently asked questions](https://aka.ms/sqleosfaq)    
+- [Microsoft Security Response Center (MSRC)](https://portal.msrc.microsoft.com/security-guidance/summary)
+- [Manage Windows updates by using Azure Automation](https://docs.microsoft.com/azure/automation/automation-tutorial-update-management)
+- [Microsoft Data Migration Guide](https://datamigration.microsoft.com/)
+- [Azure Migrate - lift-and-shift options to move your current SQL 2008 / 2008 R2 into an Azure VM](https://azure.microsoft.com/services/azure-migrate/)
+
+---
+
+## <a name="What"></a> What are Extended Security Updates for SQL Server
+Extended Security Updates (ESUs) include provision of Security Updates rated **Critical** by [MSRC](https://portal.msrc.microsoft.com/security-guidance/summary).    
+
+ESUs will be distributed if and when available, and do not include:
+-  New features
+-  Customer-requested non-security hotfixes
+-  Design change requests    
+
+### Support
+ESUs do not include technical support, but customers can use an active support contract such as Software Assurance or Premier/Unified Support on SQL Server 2008 / 2008 R2 to get technical support on workloads covered by ESUs if they choose to stay on-premises. Alternatively, if hosting on Azure, customers can use an Azure Support plan to get technical support.
+
+> [!NOTE]   
+> Microsoft cannot provide technical support for SQL Server 2008 / 2008 R2 instances (both on-premises and in hosting environments) that are not covered with an ESU subscription.
+
+### ESU Availability
+**In Azure:** Customers who migrate workloads to Azure Virtual Machines (IaaS) will have access to Extended Security Updates for SQL Server 2008 and 2008 R2 for three years after the End of Support dates for **no additional charges** above the cost of running the virtual machine. Customers do not need Software Assurance to receive Extended Security Updates in Azure.
+
+**On-premises or hosted environments:** Software Assurance customers can purchase Extended Security Updates for three years after End of Support date, under an Enterprise Agreement (EA), Enterprise Subscription Agreement (EAS), a Server & Cloud Enrollment (SCE), or an Enrollment for Education Solutions (EES). Customers can purchase Extended Security Updates only for the servers they need to cover. Extended Security Updates can be purchased directly from Microsoft or a Microsoft licensing partner.
+
+For more information, refer to the [Extended Security Updates frequently asked questions](https://aka.ms/sqleosfaq).
+
+### ESU Delivery
+**Azure Virtual Machines:** Customers will receive updates automatically through existing SQL Server update channels, whenever vulnerabilities are found, and rated **Critical** by MSRC. If an Azure Virtual Machine is not [configured to receive automatic updates](https://docs.microsoft.com/azure/automation/automation-tutorial-update-management), then the on-premises download option applies. 
+
+**On-premises or hosted environments:** Customers that buy Extended Security Updates will be able to [register the eligible instances](#Registry) and download updates from the Azure Portal to deploy to their on-premises or hosted environments, whenever vulnerabilities are found, and rated **Critical** by MSRC. This is also the process that customers will need to follow for Azure Stack and Azure Virtual Machines that are not configured to receive automatic updates.
+
+---
+
+## <a name="Registry"></a> Prepare to register SQL Server instances for ESUs
+To create your SQL Server Registry, which will allow you to register your ESU-enabled SQL Server instances, see [Create the SQL Server Registry](./registry.md).
+
+---
+
+## <a name="Register"></a> Registering SQL Server instances for ESUs
+To register your ESU-enabled SQL Server instances, see [Registering SQL Server instances for ESUs](./register.md).
+
+---
+
+## <a name="Download"></a> How to download Extended Security Updates
+
+To download a security update that is made available throughout the three years of the ESU subscription, click on ***Security Updates*** located in the left menu pane.
+- All available ESU packages available per version will be listed
+- A ***Download*** button will appear inline with each available update package, allowing customers to download, to later install in the eligible SQL Server instances.
+
+    ![Downloads](./media/Downloads.png "Downloads") 
+
+---
 
-## How to register a single SQL Server instance to download Extended Security Updates
-Coming soon...
+## <a name="scripts"></a> ESU registration script examples
 
-## How to bulk register SQL Server instances to download Extended Security Updates
-Coming soon...
+For example scripts in T-SQL and Powershell that can generate the required SQL Server instance registration information, see [ESU registration script examples](scripts.md).

samples/manage/sql-server-extended-security-updates/register.md

@@ -0,0 +1,132 @@
+# Registering SQL Server instances for ESUs
+
+## Table of Contents
+
+-  [Register a single SQL Server instance](#RegSingle)
+-  [Bulk register SQL Server instances](#RegBulk)
+-  [Formatting requirements for a CSV file](#csv)
+
+## <a name="RegSingle"></a> Register a single SQL Server instance
+It's required that at least one SQL Server instance is registered in order to download an ESU package (if and when available). 
+
+> [!IMPORTANT]   
+> It's not required to register a SQL Server instance for ESUs when running an Azure Virtual Machine that is configured for Automatic Updates. For more information, see [Manage Windows updates by using Azure Automation](https://docs.microsoft.com/azure/automation/automation-tutorial-update-management).
+
+### Steps to register an instance
+1. To register a new SQL Server instance, click the ***+ Register*** button in the top bar.
+
+    ![New Single Instance Registration Step 1](./media/NewSingleRegistration-Step1.png "New Single Instance Registration Step 1") 
+
+2. Enter the required information as seen below:
+   -  **Instance Name:** enter the output of running the command `SELECT @@SERVERNAME` or `SELECT SERVERPROPERTY('ServerName')`
+   -  **SQL Version:** select from the drop-down the applicable version
+      - 2008
+      - 2008 R2
+   -  **Edition:** select from the drop-down the applicable edition
+      - Datacenter
+      - Developer (free to deploy if purchased ESUs)
+      - Enterprise
+      - Standard
+      - Web
+      - Workgroup 
+   -  **Cores:** enter the number of cores for this instance
+   -  **Host Type:** select from the drop-down the applicable environment
+      - Virtual Machine (on-premises)
+      - Physical Server (on-premises)
+      - Azure Virtual Machine (includes Azure Stack and VMWare on Azure)
+      - Amazon EC2
+      - Google Compute Engine
+      - Other
+
+
+    ![New Single Instance Registration Step 2](./media/NewSingleRegistration-Step2.png "New Single Instance Registration Step 2") 
+
+    If registering an Azure Virtual Machine (VM), additional information is required to complete registration:
+    -  **Subscription Id:** enter the subscription ID on where the VM is created
+    -  **Resource Group:** enter the resource group on where the VM is created
+    -  **Azure VM Name:** enter the VM resource name
+    -  **Azure VM Operating System:** select from the drop-down the applicable Windows Server version
+
+3. When all fields are populated, click the ***Register*** button to complete registration.
+
+    ![New Single Instance Registration Step 3](./media/NewSingleRegistration-Step3.png "New Single Instance Registration Step 3") 
+
+4. The newly registered instance will be available in the ***Registered servers*** section of the page.
+
+    ![New Single Instance Registration Step 4](./media/NewSingleRegistration-Step4.png "New Single Instance Registration Step 4") 
+
+   The download area of the SQL Server Registry become accessible. Any available downloads will be posted there. For more information, see [How to download Extended Security Updates](./readme.md#Download).
+
+---
+
+## <a name="RegBulk"></a> Bulk register SQL Server instances 
+Bulk registering SQL Server instances to download an ESU package (if and when available) is done through uploading a CSV file. 
+
+> [!IMPORTANT]   
+> It's not required to register SQL Server instances for ESUs when running Azure Virtual Machines that are configured for Automatic Updates. For more information, see [Manage Windows updates by using Azure Automation](https://docs.microsoft.com/azure/automation/automation-tutorial-update-management).
+
+Customers that already have an inventory application that holds the required registration information can generate a CSV file from that inventory, following the the [CSV formatting requirements](#csv) later in this page.
+
+Several as-is example scripts are provided, that generate the required registration information into a CSV file. For more information, see [ESU registration script examples](scripts.md).
+
+### Steps to bulk register
+1. To bulk register new SQL Server instances, click the ***↑ Bulk Register*** button in the top bar.
+
+    ![New Bulk Instance Registration Step 1](./media/NewBulkRegistration-Step1.png "New Bulk Instance Registration Step 1")
+
+2. Click the folder icon to search for a previously prepared CSV file that contains all the required information to register SQL Server instances. Once selected, click the ***Register*** button.
+
+    ![New Bulk Instance Registration Step 2](./media/NewBulkRegistration-Step2.png "New Bulk Instance Registration Step 2") 
+
+3. The newly registered instance(s) will be available in the ***Registered servers*** section of the page. 
+
+   The download area of the SQL Server Registry become accessible. Any available downloads will be posted there. For more information, see [How to download Extended Security Updates](./readme.md#Download).
+
+---
+
+## <a name="csv"></a> Formatting requirements for CSV file
+
+The CSV file **must** be generated with the following format:
+-  Values are comma separated
+-  Values are not single or double-quoted
+-  Column names are case-insensitive but must be **named** as seen below:
+   - name
+   - version
+   - edition
+   - cores
+   - hostType
+   - subscriptionId <sup>1</sup>
+   - resourceGroup <sup>1</sup>
+   - azureVmName <sup>1</sup>
+   - azureVmOS <sup>1</sup>
+
+<sup>1</sup> Only for Azure Virtual Machine registrations
+
+> [!TIP]    
+> For example Powershell scripts that can generate the required SQL Server instance registration information into a CSV file, see [ESU registration script examples](scripts.md).
+
+### CSV Example 1 - on-premises
+
+```
+name,version,edition,cores,hostType    
+Server1\SQL2008,2008,Enterprise,12,Physical Server    
+Server1\SQL2008 R2,2008 R2,Enterprise,12,Physical Server    
+Server2\SQL2008 R2,2008 R2,Enterprise,24,Physical Server    
+Server3\SQL2008 R2,2008 R2,Enterprise,12,Virtual Machine    
+Server4\SQL2008,2008,Developer,8,Physical Server  
+```
+
+Refer to [MyPhysicalServers.csv](./scripts/MyPhysicalServers.csv) for a CSV file example.
+
+### CSV Example 2 - Azure VM
+
+```
+name,version,edition,cores,hostType,subscriptionId,resourceGroup,azureVmName,azureVmOS    
+ProdServerUS1\SQL01,2008 R2,Enterprise,12,Azure Virtual Machine,61868ab8-16d4-44ec-a9ff-f35d05922847,RG,VM1,2012    
+ProdServerUS1\SQL02,2008 R2,Enterprise,24,Azure Virtual Machine,61868ab8-16d4-44ec-a9ff-f35d05922847,RG,VM1,2012    
+ServerUS2\SQL01,2008,Enterprise,12,Azure Virtual Machine,61868ab8-16d4-44ec-a9ff-f35d05922847,RG,VM2,2012 R2    
+ServerUS2\SQL02,2008,Enterprise,8,Azure Virtual Machine,61868ab8-16d4-44ec-a9ff-f35d05922847,RG,VM2,2012 R2    
+SalesServer\SQLProdSales,2008 R2,Developer,8,Azure Virtual Machine,61868ab8-16d4-44ec-a9ff-f35d05922847,RG,VM3,2008 R2   
+```
+
+Refer to [MyAzureVMs.csv](./scripts/MyAzureVMs.csv) for an Azure VM targetted CSV file example.

samples/manage/sql-server-extended-security-updates/registry.md

@@ -0,0 +1,52 @@
+# Create the SQL Server Registry
+Before being able access the Extended Security Updates (ESU) download area in the Azure portal, the SQL Server instances covered by ESUs must be registered. This ensures that you are able to download an ESU package if and when available.
+
+> [!IMPORTANT]   
+> It's not required to register a SQL Server instance for ESUs when running an Azure Virtual Machine that is configured for Automatic Updates. For more information, see [Manage Windows updates by using Azure Automation](https://docs.microsoft.com/azure/automation/automation-tutorial-update-management).
+
+## <a name="Reg"></a> Prepare to register SQL Server instances
+To register SQL Server instances, you must first create a SQL Server Registry in the [Azure portal](https://portal.azure.com). 
+
+> [!NOTE]   
+> This operation only needs to be done once. After a SQL Server Registry is created, it can be used to register multiple SQL Server instances.
+
+### Steps
+1. Open the [Azure portal](https://portal.azure.com) and log in.
+
+2. If this is your first time registering a SQL Server instance, click the plus (+) sign in the top-left area of the page to create a new resource. Then type *SQL Server Registry* in the text box and hit the **Enter** key.
+
+    ![New Registry Step 1](./media/NewRegistry-Step1.png "New Registry Step 1") 
+
+3. The SQL Server Registry resource should be available. Click on it begin the Registry setup process.
+
+    ![New Registry Step 2](./media/NewRegistry-Step2.png "New Registry Step 2") 
+
+4. After selecting the SQL Server Registry resource, click on the *Create* button.
+
+    ![New Registry Step 3](./media/NewRegistry-Step3.png "New Registry Step 3") 
+
+5. In the **PROJECT DETAILS** section, select the ***subscription*** on which to create the Registry. Then, select either an existing ***Resource group***, or create a new one.
+
+    ![New Registry Step 4](./media/NewRegistry-Step4.png "New Registry Step 4") 
+
+   In the **SERVICE DETAILS** section, enter a name for the ***SQL Server registry***, and select a ***Region*** on which to deploy this new resource.
+
+    ![New Registry Step 5](./media/NewRegistry-Step5.png "New Registry Step 5") 
+
+    And then click on the ***Review + create*** button.
+
+6. If the validation passed, you are presented with a screen that summarizes the choices for the new registry resource. If everything seems correct, click on the ***Create*** button to start deployment of the new resource.
+
+    ![New Registry Step 6](./media/NewRegistry-Step6.png "New Registry Step 6") 
+
+7. Once deployment is complete, click on the ***Go to resource*** button.
+
+    ![New Registry Step 7](./media/NewRegistry-Step7.png "New Registry Step 7") 
+
+    ![New Registry Step 8](./media/NewRegistry-Step8.png "New Registry Step 8") 
+
+8. Now the **SQL Server Registry** is available.
+
+    ![New Registry Step 9](./media/NewRegistry-Step9.png "New Registry Step 9") 
+
+    To start registering SQL Server instances, see [Registering SQL Server instances](./register.md).