The Latest Azure Database Updates: SQL Server security; Default backups and configurations; vCore Azure SQL Database; PostgreSQL 11

Microsoft held many of its database announcements until after the Business Applications Summit in Atlanta, helping to keep the focus on announcements at the conference. Arpan Shah, general manager for Azure touted the security characteristics of the cloud for SQL Server and Windows Server workloads, giving the example of J.B. Hunt, Chevron and Allscripts migrations. Shah wrote that Azure is uniquely positioned because of the 6.5 trillion signals fed into Intelligent Security Graph, informing recommendations within Azure Security Center. In fact, Security Center is poised to become available through Windows Admin Center. Users have a wide variety of security policy controls available with Azure Governance and Azure Blueprints, as well as the Sentinel SIEM system, introduced in February. Shah also highlighted Advanced Data Security for SQL Database and SQL Server VMs, together with confidential computing encryption of data in use.

The default backup period for DTU-based and vCore-based Azure SQL databases is set to change from 35 to seven days on July 1, although users can change to a different retention period manually with Azure Portal, PowerShell and REST API. The changes comes along with overall default configuration changes. Engineers will update to two vCore databases or elastic pools, provisioned on Gen 5 hardware, with independently managed compute and storage. Together with dev/test pricing, reserved capacity and Azure Hybrid Benefit, many customers may be able to save on costs. Dev/test pricing for individuals is particularly significant for small scale users and developers and allows deployments for those relying on Azure monthly credits for Visual Studio subscribers. It represents the third and final component of dev/test pricing more broadly, following the earlier implementation of pay as you go and Enterprise options.

On June 12, Microsoft announced general availability of four vCore Azure SQL Database managed instances, hosted on Gen 5 hardware serving either Business Critical or General Purpose service tiers. The four vCore option is half the cost of the eight vCore option.

Users will be able to asynchronously replicate data from a "master" database to as many as five "servant" Azure Database for MariaDB servers within a single region, thus scaling out read-heavy workloads. However, the new servers are read-only and any data changes need to be distributed from the master. Intelligent Performance is in preview, offering a query store, performance insights and recommendations, in a bid to enhance performance overall by spotting slow-downs.