Announcing new security and observability features in Azure Database for PostgreSQL
Published Mar 07 2023 07:04 PM 4,420 Views
Microsoft

We’re on a mission to make Azure Database for PostgreSQL the best destination for migrating or modernizing your open-source enterprise workloads to Azure. For this reason, we are dedicated to releasing features and capabilities that are integral to developing mission critical applications in Azure Database for PostgreSQL – Flexible Server. Today we’re excited to share the recent feature announcements available in Azure Database for PostgreSQL – Flexible Server that will help protect your data more securely, improve credential management, and provide better control over your databases.

Improve database security and credential management with the general availability of Azure Active Directory

You can now improve database security by delegating your database credential management and authentication to a centralized identity provider with the general availability of Azure Active Directory authentication in Azure Database for PostgreSQL – Flexible Server. Azure Active Directory authentication in Azure Database for PostgreSQL – Flexible Server now provides full support for managed identities, improved group roles and support for invited users and the ability to disable local password-based authentication. With Azure Active Directory authentication, you can manage database user identities and other Microsoft services in a central location, which simplifies permission management. This feature also provides full support for API, CLI, and Terraform. Additional benefits of Azure Active Directory include:

  • Uniform user authentication across Azure Services
  • Centralized password management and policy rotation
  • Multiple forms of authentication supported by Azure Active Directory, which can eliminate the need to store passwords
  • Database permissions management with external (Azure AD) groups
  • Authenticate identities at a database level with Postgres database roles
  • Token-based authentication support for applications connecting to Azure Database for PostgreSQL

Learn more

 

Encrypt your data with the general availability of customer managed keys️

 

Protect your sensitive data by enabling encryption with customer managed keys now generally available in all regions worldwide in Azure Database for PostgreSQL- Flexible Server. Customer managed keys offer customers an additional layer of control by enabling central management of encryption keys, addressing specific security and compliance requirements, and putting organizations in full control of a key’s usage permissions and life cycle. Customer-managed keys are stored in Azure Key Vault, a centralized key-management service that provides additional security, high availability, and disaster recovery capabilities. Geo-redundant backup and API/CLI are also supported with customer managed keys. Additional benefits of customer managed keys include:

  • Full data access & control to remove a key and make the database inaccessible if needed.
  • Ability to implement separation of duties between security officers, DBA, and system administrators.

Learn more


Understand your Azure Database for PostgreSQL Flexible Server like never before with the new observability enhancements

Azure Database for PostgreSQL Flexible Server has recently introduced several observability enhancements. These enhancements provide developers with powerful tools to monitor database and optimize app query performance, troubleshoot issues, and integrate database monitoring data into their workflows. This can help developers to deliver high-performance, scalable applications that meet the needs of their users.

  • Enhanced Metrics (preview) - Azure Database for PostgreSQL Flexible Server now provides more than 40 enhanced metrics including performance, database saturation, replication etc., allowing users to monitor and diagnose issues with their databases. For details, refer Enhanced metrics for Azure Postgres Flexible Server
  • Autovacuum monitoring metrics (preview) Added new metrics to monitor the autovacuum performance and identify and vacuuming issues in the database. For details, refer Monitoring Autovacuum in Azure PostgreSQL Flexible Server
  • PgBouncer monitoring metrics (preview) Added new metrics to monitor connection pooling performance in Azure Database for PostgreSQL Flexible Server. In addition, customers can also login to PgBouncer admin console and run SHOW commands to get detailed statistics. For details, refer Monitoring PgBouncer in Azure PostgreSQL Flexible Server
  • Query Performance Insight (preview) This feature provides a graphical representation of database performance metrics, making it easier to identify performance issues. For details, refer Query Performance Insight - Start monitoring in minutes
  • Query Store (generally available) This feature provides insights into query performance and allows users to identify and troubleshoot performance issues. For details, refer Query Store Overview
  • Log Analytics Integration (generally available) Users can now export logs to Azure Log Analytics, making it easier to analyze and troubleshoot issues across multiple databases. For details, refer Configure and Access Logs
  • Azure Monitor workbooks (generally available) Azure Database for PostgreSQL Flexible Server now integrates with Azure Monitor workbooks, which allow users to create visual reports and analyze data within the Azure portal for enhanced metrics, autovaccum metrics etc. For details, refer Monitor workbooks for Azure Database for PostgreSQL Flexible Server

Overall, these observability enhancements make it easier for users to monitor and troubleshoot Azure Database for PostgreSQL Flexible Server, improving performance and reliability.

 

Conclusion

You can begin improving your database security and observability, And start using these features today. Get started with an Azure free account
We look forward to hearing about your experience using our Azure Database for PostgreSQL- Flexible Server and the new features. If you have any feedback, suggestions, questions, or other input, please reach out to us at AskAzureDBforPostgreSQL@service.microsoft.com.

Version history
Last update:
‎Apr 05 2023 08:11 PM
Updated by: