Linked servers give SQL Server the ability to read data from remote data sourcesand execute commands on remote databases. This page provides information aboutCloud SQL instance permissions, things to consider when implementing linkedservers, and the limitations of using linked servers.

Linked server instance permissions

To set up linked servers, you need the following instance and user permissions:

• ALTER ANY LINKED SERVER: Cloud SQL grants this permission when you addthecloudsql enable linked servers flag to your instance.
• ALTER ANY LOGIN: Cloud SQL automatically grants this permission to theadministrative user for the Cloud SQL instance. This permission allowsyou to create a mapping between a login on Cloud SQL and a securityaccount on a linked server.

For a list of the default permissions available for Cloud SQL instances, seeDefault SQL Server users.

For information about how to grant theALTER ANY LINKED SERVER orALTER ANYLOGIN permission to additional accounts, see the example atGranting serverpermissions.

Considerations when using linked servers

This section has recommendations for handling security, performance, andreliability on linked servers.

Security

To mitigate potentialsecurity vulnerabilities,you need to ensure that linked servers have strong security protocols in place,such as the following:

• Implement appropriate authentication and authorization mechanisms, such asSSL encryption.
• Implement strictpassword policies.
• Ensure that only authorized users have access to the linked server.
• Ensure that sensitive data is properly encrypted and secured.
• Ensure that logins only have access to the resources that you use during theconfiguration.

Performance

There are a few factors that might impact performance on linked servers:

• Linked servers can introduce latency and degrade performance when queriesare complex, depending on the volume of data each server transfers. This cancause problems for applications that require real-time data synchronization.
• When you use linked servers to run a query, a database engine creates anew connection and fetches data for every query you run. Data isn't cachedand the server mightcopy the entire table across the networkevery time you use a linked server.
• Cloud SQL can'tcreate an optimized execution planfor the remote server because it doesn't know how the remote server handlesindexes and statistics.

To optimize performance, do the following:

• Carefully design your queries and ensure that only the necessary data isbeing transferred between servers.
• Leverage theSQL Server distributed queriesfeature.
• Distribute queries across multiple servers.
• Regularly monitor and optimize your linked server configuration to helpensure that it's running smoothly.

Reliability

Any interruptions or failures in the link between servers can lead tosignificant downtime and potentially cause data loss.

To ensure reliable operation, it's important to implement appropriate failoverand redundancy mechanisms. This can include the following:

• Implement a backup linked server for failover.
• Monitor server availability and performance.
• Regularly test and validate your linked server configurations.

Limitations

Linked servers for Cloud SQL have the following limitations:

• Linked servers can't use data sources other than SQL Server.
• Active Directory Authentication isn't available for linked Servers.
• If you're using Private Service Connect to connect to aCloud SQL instance, then you need toenable Private Service Connect outbound connectivityto use linked servers.

For a full list of limitations for linked servers, seeUnsupported features &services.

What's next

• Learn how toenable, add, and configure linkedservers.