To certify your database you start by downloading a tool called Certification Test Tool for Azure SQL Database.
Connect to your databaseFirst step is to connect to your database by entering the connection details to your database in Microsoft Azure. Note that you need to specify the server name with protocol and port and that the User ID is on the format user@servername.
After connecting its time to to the actual testing.The test consists of two parts. One static analysis and one self assessment. I will not give any advice to what features to activate or what the implications of this will be but rather point to documentation on how to activate and what these features mean.
Static TestsThe static tests are executed against your actual database. This means that if you change something and execute the tests again you will get a different result.
Use Premium / Pools
SQL DB should either have at least 1 Premium database OR use Elastic Pool.
Azure SQL Database Service Tiers
Azure Elastic Database Pools
SQL DB should have at least 1 of the following enabled: TDE, DDM, RLS:
Transparent Data Encryption (TDE)
Dynamic Data Masking (DDM)
Row Level Security (RLS)
AssessmentSecurity: Is auditing enabled in your database?
DR Drill: Is your SQL DB using Geo-replication OR have done 1 or more Geo-restores?
If you start with a database running on a S-tier and with no security features activated the easiest way to get passed the certification is to scale to a P-level, add Dynamic Data Masking, enable auditing and go thru the process of doing a geo-restore.