Open Source
85 Topics

September 2025 Recap: What’s New with Azure Database for PostgreSQL
September 2025 Recap for Azure Database for PostgreSQL

September was a big month for Azure Postgres! From the public preview of PostgreSQL 18 (launched same day as the community!) to the GA of Azure Confidential Computing and Near Zero Downtime scaling for HA, this update is packed with new capabilities that make PostgreSQL on Azure more secure, performant, and developer-friendly.

💡 Here’s a quick peek at what’s inside:
- PostgreSQL 18 (Preview) – early access to the latest community release on Azure
- Near Zero Downtime Scaling (GA) – compute scaling in under 30 seconds for HA servers
- Azure Confidential Computing (GA) – hardware-backed data-in-use protection
- PostgreSQL Discovery & Assessment in Azure Migrate (Preview) – plan your migration smarter
- LlamaIndex Integration – build AI apps and vector search using Azure Postgres
- VS Code Extension Enhancements – new Server Dashboard + Copilot Chat integration

Catch all the highlights and hands-on guides in the full recap 👉

#PostgreSQL #AzureDatabase #AzurePostgres #CloudDatabases #AI #OpenSource #Microsoft

Surface Joins the Open Device Partnership (ODP)
Surface joins the Open Device Partnership (ODP) to drive innovation in secure, reliable, and future-ready device firmware—leveraging Rust, modern EC implementations, and unified OS-EC interfaces to benefit customers and the broader tech ecosystem.

PostgreSQL and the Power of Community
PGConf NYC 2025 is the premier event for the global PostgreSQL community, and Microsoft is proud to be a Platinum sponsor this year. The conference will also feature a keynote from Claire Giordano, Principal PM for PostgreSQL at Microsoft, who will share our vision for Postgres along with lessons from ten PostgreSQL hacker journeys.

Architecting Secure PostgreSQL on Azure: Insights from Mercedes-Benz
Authors: Johannes Schuetzner, Software Engineer at Mercedes-Benz & Nacho Alonso Portillo, Principal Program Manager at Microsoft

When you think of Mercedes-Benz, you think of innovation, precision, and trust. But behind every iconic vehicle and digital experience is a relentless drive for security and operational excellence. At Mercedes-Benz R&D in Sindelfingen, Germany, Johannes Schuetzner and the team faced a challenge familiar to many PostgreSQL users: how to build a secure, scalable, and flexible database architecture in the cloud—without sacrificing agility or developer productivity.

This article shares insights from Mercedes-Benz about how Azure Database for PostgreSQL can be leveraged to enhance your security posture, streamline access management, and empower teams to innovate with confidence.

The Challenge: Security Without Compromise

“OK, let’s stop intrusions in their tracks,” Schuetzner began his POSETTE talk, setting the tone for a deep dive into network security and access management. Many organizations need to protect sensitive data, ensure compliance, and enable secure collaboration across distributed teams. The typical priorities are clear:
- Encrypt data in transit and at rest
- Implement row-level security for granular access
- Integrate with Microsoft Defender for Cloud for threat protection
- Focus on network security and access management—where configuration can make the biggest impact

Building a Secure Network: Private vs. Public Access

Mercedes-Benz explored two fundamental ways to set up their network for Azure Database for PostgreSQL: private access and public access. “With private access, your PostgreSQL server is integrated in a virtual network. With public access, it is accessible by everybody on the public internet,” explained Schuetzner.

Public Access:
- Public endpoint, resolvable via DNS
- Firewall rules control allowed IP ranges
- Vulnerable to external attacks; traffic travels over public internet

Private Access:
- Server injected into an Azure VNET
- Traffic travels securely over the Azure backbone
- Requires delegated subnet and private DNS
- VNET peering enables cross-region connectivity

“One big benefit of private access is that the network traffic travels over the Azure backbone, so not the public internet,” said Schuetzner. This ensures that sensitive data remains protected, even as applications scale across regions. An Azure VNET is restricted to a single Azure region, though, and peering VNETs may be complex.

Embracing Flexibility: The Power of Private Endpoints

Last year, Azure introduced private endpoints for PostgreSQL, a significant milestone in Mercedes-Benz’s database connectivity strategy. A private endpoint adds a network interface to the resource that can also be reached from other Azure regions. This allows the resources in the VNET associated with the private endpoint to connect to the Postgres server. The network traffic travels securely over the Azure backbone.

Private endpoints allow Mercedes-Benz to:
- Dynamically enable and disable public access during migrations
- Flexibly provision multiple endpoints for different VNETs and regions
- Have explicit control over the allowed network accesses
- Have built-in protection from data exfiltration
- Automate setup with Terraform and infrastructure-as-code

This flexibility can be crucial for supporting large architectures and migration scenarios, all while maintaining robust security.

Passwordless Authentication: Simplicity Meets Security

Managing database passwords is a pain point for every developer. Mercedes-Benz embraced Azure Entra Authentication (formerly Azure Active Directory) to enable passwordless connections. Passwordless connections do not rely on traditional passwords but are based on more secure authentication methods of Azure Entra.
They require less administrative effort and prevent security breaches. Benefits include:
- Uniform user management across Azure resources
- Group-based access control
- Passwordless authentication for applications and CI/CD pipelines

For developers, this means less manual overhead and fewer risks of password leaks. “Once you have set it up, then Azure takes good care of all the details, you don’t have to manage your passwords anymore, also they cannot be leaked anymore accidentally because you don’t have a password,” Schuetzner emphasized.

Principle of Least Privilege: Granular Authorization

Mercedes-Benz appreciates the principle of least privilege, ensuring applications have only the permissions they need—nothing more. By correlating managed identities with specific roles in PostgreSQL, teams can grant only necessary Data Manipulation Language (DML) permissions (select, insert, update), while restricting Data Definition Language (DDL) operations. This approach minimizes risk and simplifies compliance.

Operational Excellence: Automation and Troubleshooting

Automation is key to Mercedes-Benz’s success. Using Terraform integrated into CI/CD pipelines, the team can provision identities, configure endpoints, and manage permissions—all as code. For troubleshooting, tools like Azure Bastion enable secure, temporary access to the database for diagnostics, without exposing sensitive endpoints.

The Impact: Security, Agility, and Developer Empowerment

By leveraging Azure Database for PostgreSQL, Mercedes-Benz can achieve:
- Stronger security through private networking and passwordless authentication
- Flexible, scalable architecture for global operations
- Streamlined access management and compliance
- Empowered developers to focus on innovation, not infrastructure

Schuetzner concluded, “Private endpoints provide a new network opportunity for Postgres on Azure. There are additional costs, but it’s more flexible and more dynamic.
Azure takes good care of all the details, so you don’t have to manage your passwords anymore. It’s basically the ultimate solution for password management.”

Mercedes-Benz’s story shows that with the right tools and mindset, you can build secure and scalable solutions on Azure Database for PostgreSQL. For more details, refer to the full POSETTE session.

August 2025 Recap: Azure Database for PostgreSQL
Here’s what’s new this month to help you build smarter and scale securely:
- Advisor performance tuning (GA): New insights on index scans, logging, stats, and connections
- Entra ID group login (Preview): Let users sign in with their own credentials (no need for login using group-ID).
- New region – Austria East: Lower latency + data residency options for Central Europe
- LangChain & LangGraph support: Use Azure PostgreSQL as a vector store for AI agents
- Active-active replication guide: Step-by-step walkthrough using pglogical

Full details in monthly recap: https://techcommunity.microsoft.com/blog/adforpostgresql/august-2025-recap-azure-database-for-postgresql/4450527

New ESG study validates how fully managed PostgreSQL on Azure delivers economic wins
Migrating your PostgreSQL databases to Azure delivers cost, performance and productivity benefits, while laying a strong foundation for innovation. But don’t just take our word for it. We’ve worked with the Enterprise Strategy Group (ESG), now a part of Omdia, to validate how organizations benefit economically from moving their PostgreSQL databases to Azure. Whether you’re modernizing your mission-critical applications or developing the next groundbreaking feature, migrating to Azure gives you the freedom, flexibility and continuous improvements of open source backed by the reliability, security and efficiency of Azure.

Read the full PostgreSQL report

PostgreSQL is the preferred choice of developers building the next generation of intelligent applications, according to the 2025 Stack Overflow survey. However, many teams are finding that managing these open-source databases on-premises is increasingly challenging, especially as their innovation initiatives demand more and more resources. Because of this, organizations are rapidly modernizing their database infrastructure to better support these next-gen initiatives.

At a glance – benefits of migrating to Azure Database for PostgreSQL

Increasing complexity is nothing new to today’s IT and developer teams. Some of the key drivers contributing to this complexity include integrating emerging tech like AI and managing cybersecurity concerns—two things that the fully managed Azure Database for PostgreSQL service handles very well. Built-in GenAI capabilities, performance recommendations, and enterprise-grade security, scalability, compliance and availability make PostgreSQL on Azure a natural fit for teams looking to build intelligent enterprise applications.

The ESG report highlights:
- 58% lower total cost of ownership
- 65% improvement in database performance
- $770K in savings from avoiding downtime

“We have seen wins on both sides of the financial equation.
Our costs are down across the board, and we have increased our revenue specifically because of the capabilities that moving our Azure Database for PostgreSQL.”

Review the Azure Database for PostgreSQL Economic Validation Infographic

A closer look – how fully managed PostgreSQL on Azure delivers economic wins for the enterprise

Lower total cost of ownership

Migration dramatically lowers the total cost of ownership of enterprise databases. By shifting from on-premises infrastructure to Azure’s managed service, enterprises eliminate many capital and operational expenses.
- Elimination of hardware and maintenance costs: On-premises PostgreSQL deployments require investing in servers, storage, networking hardware, as well as ongoing power, cooling, and data center space. Migrating to Azure removes these needs entirely. Companies no longer have to purchase or refresh hardware or pay for associated facilities and utilities, directly cutting capex and support costs.
- Reduced licensing and support expenses: Azure’s model also eliminates traditional database licensing fees, third-party support contracts, and expensive monitoring tools for on-premises systems. Organizations reported saving thousands on separate support agreements or software licenses for their PostgreSQL instances.
- Pay-as-you-go flexibility: Azure Database for PostgreSQL offers pay-as-you-go and reserved pricing models, so enterprises only pay for the compute and storage they actually use. There’s no more overprovisioning resources to handle peak loads, and dynamic scaling ensures capacity matches demand.
- Operational efficiency: By offloading database management to Microsoft, organizations also reduce administrative overhead, which indirectly lowers labor costs. In ESG’s study, moving to Azure cut the monthly DBA hours per database from 2.1 hours to just 0.6 hours, a ~70% decrease in effort, effectively saving payroll expenditure on routine upkeep.

Improved performance and scalability

Enterprises see substantial improvements in database performance and scalability after migrating to Azure. Because Azure Database for PostgreSQL runs on high-end cloud infrastructure with intelligent optimizations, applications can achieve faster response times and handle greater workloads.
- Higher throughput and lower latency: ESG’s interviews found average database performance improved by ~65%, and in one case a customer saw a 9× increase in throughput for its primary application after migration. Such gains come from Azure’s optimized compute, premium SSD storage options, and features like automatic performance tuning that are difficult to replicate on-premises.
- Elastic scaling on demand: In on-premises environments, supporting peak workloads often meant overprovisioning. Azure Database for PostgreSQL completely changes this paradigm with cloud elasticity. The ability to instantly right-size resources means applications always have the performance they need, and users experience responsive, low-latency service.
- Handling growth with ease: As an enterprise’s data and user base grows, Azure’s global infrastructure can seamlessly accommodate that expansion. This cloud scalability gives enterprises headroom to innovate and onboard more customers without performance bottlenecks. In contrast, scaling an on-premises PostgreSQL often requires complex sharding or hardware upgrades.
- Accelerated time to value: Improved performance and scalability directly impact business agility. Batch processes complete faster, reports generate sooner, and websites or applications can serve more customers per second. ESG noted that by removing infrastructure constraints, Azure empowered businesses to accelerate their time-to-value and respond faster to market demands.

Operational agility and developer productivity

By migrating to a fully managed service, enterprises gain agility and allow their IT/development teams to focus on innovation.
Offloading database management to Azure not only saves costs but also frees up technical staff from mundane maintenance. This shift translates into faster project delivery and greater productivity:
- Less time spent “keeping the lights on”: ESG found that after migration, companies saw a major reduction in the effort required to manage databases. Administrators went from spending 2+ hours per database per month on upkeep to less than one hour. This drop of over 70% in DBA workload means IT teams are no longer bogged down by routine chores.
- Faster development and release cycles: ESG observed that organizations enjoyed increased development velocity after migrating, since their engineers could devote time to coding and testing new features instead of managing database infrastructure. For example, one company in the study was able to increase its software release frequency significantly.
- Improved business agility: The combination of easier scaling, better performance, and less ops overhead means the organization can respond to opportunities faster. Some enterprises even credited the move to Azure with helping increase their revenue, because it allowed them to deliver new capabilities to market sooner.
- Focus on core competencies: After migration, organizations can let Azure handle the heavy lifting of database administration and instead concentrate on work that differentiates them in the marketplace. Developers spend more time building applications and analyzing areas that drive business value rather than performing software updates or fixing replication issues.

Enhanced security, compliance, and reliability

Azure Database for PostgreSQL provides enterprise-grade security and reliability features that far exceed what most companies can achieve on-premises. This results in a stronger risk posture, reducing the likelihood of breaches or downtime while also easing compliance burdens.
- Built-in high availability and disaster recovery: ESG’s modeled scenario saw annual PostgreSQL downtime drop from 10 hours on-premises to just 5 hours on Azure. With a 99.99% availability SLA for Azure Database for PostgreSQL, unplanned outages that used to disrupt business are largely a thing of the past. One ESG case study estimated about $770K in costs were avoided thanks to preventing downtime and the associated business disruptions.
- Strong security and data protection: PostgreSQL instances on Azure benefit from Microsoft’s massive investments in cybersecurity and compliance. One customer highlighted, “We are much more secure since we moved to Azure Database for PostgreSQL. We use Azure AI to set our security standards and get constant recommendations on how to increase our security even more.”
- Automated updates and governance: Azure takes care of updating PostgreSQL with the latest security fixes and can even upgrade the database engine version with minimal downtime. Furthermore, features like audit logging, advanced threat protection, and integration with Azure Security Center provide continuous oversight of database activity.
- Geo-redundancy and backup management: For disaster recovery, Azure allows geo-redundant backups and read replicas in different regions, improving an enterprise’s resilience to regional outages or disasters. Should data restoration be needed, it’s as simple as clicking a button.

Azure Database for PostgreSQL offers enterprises a frictionless path to greater efficiency, innovation, and growth. By lowering costs and management burdens, it lets you redirect resources to strategic projects. By boosting performance and scalability, it ensures your applications can keep up with business demands. And by enhancing security and reliability, it safeguards one of your most precious assets—your data—while meeting the strict requirements of enterprise IT.
The benefits outlined in the ESG study make a strong business case: migrating on-premises databases to Azure’s managed PostgreSQL can transform your IT operations and deliver tangible business value from day one.

Tested, approved, trusted

Migrating to a fully managed PostgreSQL service supports digital transformation. It allows enterprises to modernize their data estate without abandoning the familiarity of PostgreSQL. Developers can continue using the open-source tools and skills they know, but now with cloud-powered capabilities at their fingertips. Azure integrations (with AI services, analytics tools, etc.) further enable organizations to do more with their data. For example, companies can readily infuse AI or machine learning into their applications or take advantage of advanced analytics on their PostgreSQL data, since that data is easily accessible in the cloud.

Read the full report for more details about the quantified benefits and customer testimonials. If you’re ready to start your journey, check out our migration guides. With Azure’s fully managed PostgreSQL, you can supercharge your data strategy, empower your developers, and ultimately accelerate your path to an AI-driven future.