Cloud SQL enhanced backups are now generally available (GA).
With enhanced backups, backups are managed and stored in a centralized backup management project that leverages the Backup and DR service, and provides enforced retention, granular scheduling, and longer retention.
Enhanced backups now also support point-in-time-recovery (PITR) after instance deletion.
For more information about the available options and their limitations, see Backup options. For more information about enhanced backups pricing, see Backup and DR pricing.
Cloud SQL for SQL Server integration with Microsoft Entra ID (Preview) provides centralized identity and access management (IAM) for your databases using your existing Microsoft Entra ID tenant.
You can integrate Cloud SQL for SQL Server with customer-managed Active Directory (CMAD).
CMAD provides capabilities such as authentication and authorization. Joining an instance to a CMAD domain lets you sign in using Windows Authentication with an AD-based identity.
Customer-managed Active Directory (CMAD) is generally available (GA).
Cloud SQL Enterprise edition now supports a new machine series called the N4 machine series. This machine series provides balanced price-to-performance and uses the Hyperdisk Balanced storage. You can create custom machine types for the N4 machine series with up to 80 vCPUs and up to 640 GB memory. The N4 machine series is generally available (GA).
For more information about the N4 machine series and its availability, see Machine series overview.
You can now use advanced disaster recovery (DR) for your Private Service Connect (PSC) enabled Cloud SQL Enterprise Plus edition instances. With advanced DR, you can:
You can now use Gemini's capabilities to fix errors in a query within Cloud SQL Studio (Preview).
You can now provision, manage and query your databases using the dedicated Gemini CLI extension for Cloud SQL for SQL Server. The extension provides full lifecycle control of your database—from provisioning instances, to exploring schemas and troubleshooting issues—from your command-line interface.
For more information, see Use Cloud SQL for SQL Server with MCP, Gemini CLI, and other agents.
You can now retain point-in-time recovery (PITR) logs for an instance after its deletion for a specified retention period. These logs can be used to restore the deleted instance to a specific point in time. For more information, see Restore a deleted instance using PITR.
You can have Cloud SQL create a Private Service Connect endpoint automatically. You can use this endpoint to access Cloud SQL instances through a VPC network. For more information, see Create a Private Service Connect endpoint automatically.
This feature is now generally available (GA).
You can now enable your instance to take a final backup at instance deletion and define its retention period by setting the final backup instance setting.
You can also create a custom organization policy to define final backup instance settings. For more information, see Final backup.
Max degree of parallelism (MAXDOP) is a Microsoft database flag available for use in Cloud SQL for SQL Server. This flag lets you limit the maximum number of threads used when running a single query in a parallel plan.
You can save and manage SQL queries in Cloud SQL Studio. This feature is in Preview. For more information, see Saved queries overview.
Now you can use Private Service Connect backends, as an alternative to Private Service Connect endpoints, to access Cloud SQL instances.
Now you can create an IPv6 endpoint for Private Service Connect (PSC) connections. For more information, see Connect to an instance using Private Service Connect.
You can no longer set a deny maintenance period for instances that are running a maintenance version older than 12 months. To update your instance, perform self-service maintenance or wait until the next maintenance window to update your instance automatically. For more information about maintenance, see Maintenance updates on Cloud SQL instances.
Cloud SQL now supports Private Service Connect (PSC) outbound connectivity. With PSC outbound connectivity, you can attach a PSC interface to your existing Cloud SQL PSC-enabled instances to allow your instances to make outbound connections to your network. For more information, see PSC outbound connections.
Cloud SQL now offers planned maintenance and machine tier upgrades for your Cloud SQL Enterprise Plus instances with near-zero downtime for eligible instances.
For more information, see Maintenance updates on Cloud SQL instances.
Cloud SQL now offers two options of backup services to manage your instance's backups:
Enhanced backups (Preview): backups are managed and stored in a centralized backup management project that leverages the Backup and DR service, and provides enforced retention, granular scheduling, and longer retention.
Standard backups (existing option): backups are created, managed, and stored in the same project as your Cloud SQL instances.
You can choose between these options based on your instance's requirements and needs. Although instances can't use both backup options at the same time, Cloud SQL gives you the ability to switch between these backup options as necessary.
For more information about the available options and their limitations, see Backup options.
Cloud SQL for SQL Server now offers Active Directory support for write endpoints. For more information, see Write endpoints across forests.
Cloud SQL for SQL Server now offers the maximum server memory recommender.
Database instances running with an allocation of memory that's either too low or too high might experience performance issues.
The max server memory (mb) flag limits the amount of memory that Cloud SQL can allocate for its internal pools. You can manually set a value for this flag, or omit the flag and let Cloud SQL manage memory limits for you automatically.
For more information, see Optimize maximum server memory usage.
Cloud SQL for SQL Server now extends query insights and index advisor support to read replicas.
You can now create an instance with both private services access and Private Service Connect enabled. You can also enable Private Service Connect on an existing private services access instance. This feature is now generally available (GA).
For more information, see Configure both private services access and Private Service Connect.
Cloud SQL for SQL Server now supports TLS connections to Active Directory endpoints without requiring server certificate trust or the use of IP addresses. Existing server certificates will need to be rotated to use this feature.
If you create an instance using the Google Cloud Console, then the per-instance CA (GOOGLE_MANAGED_INTERNAL_CA) option is now the default server certificate authority (CA) mode for your Cloud SQL instance.
For users of the Cloud SQL Auth Proxy:
serverCaMode setting, then on the client side, you must use Cloud SQL Auth Proxy version 2.13.0 or later.
serverCaMode setting, then on the client side, you must use Cloud SQL Auth Proxy version 2.14.3 or later.
Cloud SQL for Enterprise Plus edition supports AI-assisted troubleshooting. With AI-assisted troubleshooting, you can resolve complex database performance issues like slow queries and high load for your instances in a guided manner. To use AI-assisted troubleshooting, you need Gemini Cloud Assist and query insights for Enterprise Plus edition. AI-assisted troubleshooting is available in Preview.
You can now set up custom DNS names by configuring the custom subject alternative name (SAN) for your instance. After you set up DNS name resolution, you can connect to your Cloud SQL instance using the custom DNS name instead of using an IP address. This feature is available only for instances that are configured with the customer-managed certificate authority (CA) (CUSTOMER_MANAGED_CAS_CA) option as their server CA mode.
Custom SAN configuration for instances is generally available (GA).
Cloud SQL gives you the flexibility to choose between three CA hierarchy options when you create a Cloud SQL instance.
You can choose between the per-instance CA (GOOGLE_MANAGED_INTERNAL_CA), the shared CA (GOOGLE_MANAGED_CAS_CA), or the customer-managed CA (CUSTOMER_MANAGED_CAS_CA) options as the server certificate authority (CA) mode for your instance. If you create an instance using the Google Cloud Console, then the shared CA option (GOOGLE_MANAGED_CAS_CA) is the default configuration. If you create an instance using gcloud, the Cloud SQL Admin REST API, or Terraform, then the per-instance CA option (GOOGLE_MANAGED_INTERNAL_CA) is the default configuration.
The shared CA and customer-managed CA options are now generally available (GA).
Private Service Connect endpoint propagation is now generally available (GA). You can use the Network Connectivity Center hub to propagate the Private Service Connect endpoints of your Cloud SQL instances in a VPC network.
Query insights for Cloud SQL Enterprise edition and Cloud SQL Enterprise Plus edition is now generally available (GA) for Cloud SQL for SQL Server. You can also now view the query details, query plans, and statistical query execution charts for your top queries.
For more information, see Use query insights to improve query performance.
Cloud SQL now supports the Enterprise Plus recommender. Based on your application workloads and resource utilization, the recommender helps you optimize performance by identifying SQL Server instances that might see performance improvements when upgraded to Cloud SQL Enterprise Plus edition.
When you create a Cloud SQL for SQL Server instance, version SQL Server 2022 Standard is now the default.
Cloud SQL now lets you retain existing backups after an instance is deleted. These consist of on-demand and automatic backups created when the instance was live. For more information, see Retained backups.
Cloud SQL for SQL Server supports transparent data encryption (TDE) to encrypt data stored in your Cloud SQL for SQL Server instances.
TDE automatically encrypts data before it is written to storage, and automatically decrypts data when the data is read from storage.
TDE provides another layer of encryption in addition to Google's default offering of encryption for data at rest and Google's optional offering of customer-managed encryption keys (CMEK). TDE helps you meet regulatory compliance requirements and supports import or export operations of TDE encrypted backups. For more information, see About transparent data encryption.