Blue Monday took the 4th of July holiday off, but so did the Azure release sprints.
The biggest Azure news for developers over the past 14 days: Always Encrypted for Azure SQL Database is generally available.
Basically, Always Encrypted handles the encryption and decryption of your data at the client level, using either Azure Key Vault (for cloud-based / widely distributed programs) or a local Windows certificate store (for client-to-client applications).
Since your data is encrypted and decrypted at the client, even if your database is compromised, it’s not much use to the hacker — assuming you don’t also give up the certificate, of course.
This is an incredibly powerful tool for security and compliance and makes Azure SQL Database an attractive option for storing personal information, in my opinion.
Azure SQL Database point-in-time restore extended
Also in Azure SQL Database news, Standard service tier databases now have point in time restore points for 35 days, up from the previous 14 days and the same as the point in time restore capabilities of the Premium tier.
I use Standard tier databases for pretty much everything. They are incredibly reliable. In addition to using Standard Geo-Replication on my mission-critical database loads, I also use SQL Data Sync to effectively run active replicants in another region.
This is a considerable cost savings over even a low-end Premium service tier Azure SQL Database with Active Geo-Replication, so the extension of the point in time restore records for the Standard tier is a nice upgrade for me.
Mind you, I have a time to recovery objective of an hour or so for most of my solutions; if I needed seamless recovery, I would go with Premium.
Odds and ends
- It’s long overdue (pun intended), but Azure Automation now supports timezones and daylight saving.
- Redis Cache now supports rebooting on demand and the specific scheduling of maintenance windows.
- Cool storage is available in the two Canada regions. Pun not intended.
- Migration tools for VMs from Classic to Resource Manager are now generally available. I’m not moving my VMs out of Classic until I have to, because even with tools, it looks like trouble waiting to happen. I’m also not sold on the benefits of Resource Manager deployments versus Classic deployments. However, it wouldn’t surprise me if eventually, Microsoft requires all Classic VMs to become Resource Manager VMs.
- The DocumentDB request unit calculator has had an overhaul. Pricing remains opaque and Byzantine.