Public Preview: Azure SQL updates for mid-March 2026
AzureMicrosoft
Public Preview: Azure SQL updates for mid-March 2026
In mid-March 2026, the following updates and enhancements were made to Azure SQL:
- Reduce the consumption of storage space, I/O, and memory and improve performance without investing time and effort into index maintenance jobs.
- Configure soft delete retention for your Azure SQL Server to prevent accidental deletion and self-restore in case of deletion.
- Azure SQL Database Hyperscale Premium‑series expands scalability with new 160 and 192 vCore options representing a 25% and 50% increase respectively over the current 128 vCore limit, enabling significantly larger compute and memory configurations for the most demanding workloads.
- DiskANN for vector indexing and vector search has been significantly improved, addressing previous constraints. The vector index now supports fully real-time updates, integrated pre-filtering and post-filtering, and improved memory efficiency at scale through vector quantization. These advancements make it well suited for operational retrieval‑augmented generation (RAG) workloads.
Public Preview: Azure Databricks OneLake Catalog Federation
You can now enable OneLake catalog federation in Azure Databricks to query Microsoft Fabric OneLake data without copying or moving it. By connecting Unity Catalog to a OneLake catalog, Azure Databricks automatically syncs schemas and tables so Fabric Lakehouse items appear side‑by‑side with your existing Azure Databricks data assets. Your queries continue to run on Azure Databricks compute while reading the data stored in OneLake, giving you a zero‑copy experience that reduces data sprawl and simplifies architecture.
This interoperability lets more teams reuse the same trusted OneLake data products across engines, avoid building parallel pipelines, and spend less time managing refreshes and reconciliations. It also keeps OneLake as the single source of truth while expanding how broadly those data products can be used across your organization. You can start modernizing your Fabric–Azure Databricks analytics patterns with fewer copies and more consistent governance.
Generally Available: Azure Red Hat OpenShift Managed Identity and Workload Identity
Azure Red Hat OpenShift now supports managed identities and workload identities as a generally available capability, enabling you to run OpenShift clusters and applications on Azure without long lived service principal credentials. This aligns Azure Red Hat OpenShift with the short-lived token and least privilege identity patterns used across Azure, while keeping OpenShift integrated with existing Azure identity, access, and governance models.
General availability: Azure SQL updates for mid-March 2026
In mid-March 2026, the following updates and enhancements were made to Azure SQL:
- Publish SQL database projects directly from Visual Studio Code to streamline database deployment workflows.
- View and edit SQL table data directly in the MSSQL extension for Visual Studio Code using an interactive grid.
- Azure SQL Database now supports versionless keys for transparent data encryption (TDE), giving you a simpler and more reliable way to manage your own encryption keys.
Generally Available: GitHub Copilot in SQL Server Management Studio 22
GitHub Copilot is now generally available in SQL Server Management Studio (SSMS) 22, bringing AI‑powered assistance directly into the application that you use every day.
With GitHub Copilot in SSMS, you can use natural language to develop, explain, fix, and optimize T‑SQL, troubleshoot queries, and better understand your databases without leaving your workflow. GitHub Copilot includes intelligent code completions in the query editor, helping you write T-SQL faster and with greater confidence. In addition, you can use database instructions to explain business rules and conventions that Copilot should follow, helping it to provide more precise, relevant assistance.
Using the context of your connection, Copilot delivers database‑specific guidance exactly when you need it. This release helps you work more efficiently, reduce context switching, and tackle complex database tasks with greater confidence. By using the same GitHub Copilot subscription already available in Visual Studio and Visual Studio Code, you get a consistent AI experience across your daily tools—now extended to SQL databases.
Public Preview: SQL MCP Server
Announcing SQL MCP Server, our Model Context Protocol (MCP) connector for production databases. SQL MCP Server is a feature rich component of data API builder (DAB) that gives you a simple, predictable, secure way to bring AI agents into your data workflows without compromising the database or relying on natural language. SQL MCP Server runs locally, on premises, or in any cloud as a containerized service.
Public Preview: Database DevOps in SSMS powered by SQL projects
Bring the benefits of schema-as-code to your database development workflow. SQL database projects enable you to source control your database schema, perform reliable deployments to any environment, and integrate code quality checks into your development process, all from within SQL Server Management Studio (SSMS).
A SQL database project is a local representation of SQL objects that comprise the schema for a single database, such as tables, stored procedures, or functions. The development cycle of a SQL database project enables database development to be integrated into a continuous integration and continuous deployment (CI/CD) workflow, a familiar development best practice. With this release, you can use Microsoft.Build.Sql SDK-style projects in SSMS, giving you a consistent experience with Visual Studio Code SQL projects.
Whether you're managing a single database or orchestrating complex deployments across multiple environments, SQL projects in SSMS provide the foundation for modern database DevOps practices.
Public preview: GitHub Copilot integration in Schema Designer for the MSSQL extension
The MSSQL extension for Visual Studio Code now introduces GitHub Copilot integration in Schema Designer, expanding the visual schema design experience with AI-assisted capabilities. Based on developer feedback and evolving workflows, you can now understand, design, and modify database schemas using natural language.
You can describe the tables or changes you want, and GitHub Copilot plans and generates proposed updates inside Schema Designer. Each schema change is previewed visually, color-coded, and tracked in a dedicated Change Tracking panel with familiar source control-style labels such as Add (A), Modify (M), and Delete (D). You can clearly differentiate between your own edits and AI-generated suggestions, inspect detailed modifications, and review changes before they are applied. With built-in review workflows and clear visual diffs, you stay in control while iterating safely with undo and redo support.
Whether you’re starting a new project or updating an existing one, this guided experience helps you move confidently from an idea to a validated data model. From there, you can continue into the new Data API Builder public preview in the MSSQL extension, where GitHub Copilot plans and generates back-end endpoints from your schema. Together, these experiences give you an end-to-end path from database design to a working back end in minutes so you can build modern, AI-ready, secure applications faster without switching tools or losing control.
Public Preview: Data API builder with built-in GitHub Copilot in MSSQL extension
The MSSQL extension for Visual Studio Code now introduces Data API builder in public preview with built-in GitHub Copilot integration, bringing a guided back-end generation experience directly into your development workflow. You can generate REST, GraphQL, and MCP endpoints from your SQL database schema inside Visual Studio Code without manually configuring infrastructure or connection strings.
You select tables, define CRUD operations, and configure per-entity settings such as authorization roles, and primary keys, and route behavior through a dedicated API design interface. The generated Data API builder configuration file stays synchronized with your selections, can be previewed directly in the extension, and can be added to your workspace for full transparency and version control. You can modify the configuration manually or use GitHub Copilot to plan and generate updates.
With just a few steps, the extension provisions and runs a local Data API builder container using your existing database connection context. This guided experience helps you move from validated schema to a working back end in minutes, enabling you to build modern, AI-ready, secure applications faster without switching tools or losing control.
Generally Available: Versionless key support for transparent data encryption in Azure SQL Database
Azure SQL Database now supports versionless keys for transparent data encryption (TDE), giving you a simpler and more reliable way to manage your own encryption keys. You no longer need to reference a specific key version from Azure Key Vault or Managed HSM when configuring TDE with customer-managed keys. Instead, you point to a versionless key URI, and Azure SQL automatically starts using the latest version.
Versionless keys help you reduce operational overhead and the risk of misconfiguration. You keep full control over your keys and rotation policies, while making encryption at rest easier to operate at scale.
Generally Available: Lakeflow Connect Free Tier now available in Azure Databricks
Azure Databricks now offers a Lakeflow Connect Free Tier that gives each workspace 100 free DBUs per workspace per day for ingestion from SaaS applications and databases. This allows you to bring roughly 100 million records of data per workspace per day into your Lakehouse at no charge before standard Lakeflow Connect pricing applies.
With the Lakeflow Connect Free Tier, organizations can easily ingest data into the lakehouse, govern it with Unity Catalog, and power analytics and AI applications such as Genie.
Generally Available: Foundry Agent Service
Announcing general availability (GA) of the next-gen Foundry Agent Service—a redesigned API format and runtime experience designed to help teams build and operate agents that can move from prototype to production with confidence. This GA moment is anchored in a simple promise: enterprise-grade AI agents—secure by design, observable by default.
Generally Available: Default Rule Set 2.2 and updates to ruleset support policy
We are updating the managed ruleset support policy for Azure Web Application Firewall (WAF) following the general availability of Default Rule Set (DRS) 2.2 on Azure Application Gateway and Azure Front Door. This update provides a clearer, more predictable lifecycle for managed rulesets while ensuring customers continue to benefit from the latest security protections.
Starting with DRS 2.2, Azure WAF supports the latest three managed ruleset versions (N, N-1, and N-2) at any given time. When a new ruleset version is released, the version that becomes N-3 enters a final one-year support period. During this final year, the N-3 version may receive only critical security updates as needed.
With the release of DRS 2.2, the following ruleset versions are entering their final support year ending on February 26, 2027: CRS 3.1 and CRS 3.0 in Azure Application Gateway and DRS 1.2, DRS 1.1 and DRS 1.0 in Azure Front Door. Customers should upgrade to a supported ruleset version to maintain full protection coverage and ongoing improvements, including enhanced detections and reduced false positives.
Public Preview: Entra ID-Based Access for Azure Blob Storage SFTP
Microsoft Entra ID-based access for Azure Blob Storage SFTP is now in public preview. This new capability empowers you to use Microsoft Entra ID identities (including guest users via Entra External Identities) to securely connect to Azure Blob Storage via SFTP without needing local user creation and management.
Key capabilities include:
Single Sign-On and Multi-Factor Authentication: Users authenticate with their existing corporate credentials, with MFA support to protect against credential theft.
Conditional Access Policies: Apply sophisticated access controls based on user location, device compliance, risk level, and other contextual factors.
Unified Identity Lifecycle: SFTP access is automatically updated or revoked through your existing identity management processes when users leave or change roles.
External Identity Support: Securely collaborate with partners and vendors using Entra External Identities (B2B) without creating local accounts.
Native Azure RBAC, ABAC, and ACL Integration: SFTP access seamlessly integrates with Azure's comprehensive authorization framework, respecting the same permissions as REST API, Azure CLI, and other access methods.
Questions or feedback? We would love to hear from you! Reach out to our team at blobsftp@microsoft.com.
Get started: Register for the preview feature in your subscription, assign RBAC roles to a user or group, and generate an SSH certificate to connect via SFTP.
