Enterprise Features

On this page Carat arrow pointing down

This page lists Enterprise features. For information on how to obtain and set trial and Enterprise license keys for CockroachDB, see the Licensing FAQs.

Note:

CockroachDB is evolving. In late 2024, we will retire our Core offering to consolidate on a single CockroachDB Enterprise offering under a new license. CockroachDB Enterprise will be available at no charge for individual users and small businesses and will offer all users, free and paid, the full breadth of CockroachDB capabilities. See the CockroachDB licensing update page for details.

Cluster optimization

Feature Description
Read Committed isolation Achieve predictable query performance at high workload concurrencies, but without guaranteed transaction serializability.
Follower Reads Reduce read latency in multi-region deployments by using the closest replica at the expense of reading slightly historical data.
Multi-Region Capabilities Row-level control over where your data is stored to help you reduce read and write latency and meet regulatory requirements.
PL/pgSQL Use a procedural language in user-defined functions and stored procedures to improve performance and enable more complex queries.
Node Map Visualize the geographical distribution of a cluster by plotting its node localities on a world map.

Recovery and streaming

Feature Description
BACKUP and restore capabilities Taking and restoring full backups, incremental backups, backups with revision history, locality-aware backups, and encrypted backups.
Changefeeds into a Configurable Sink For every change in a configurable allowlist of tables, configure a changefeed to emit a record to a configurable sink: Apache Kafka, cloud storage, Google Cloud Pub/Sub, or a webhook sink. These records can be processed by downstream systems for reporting, caching, or full-text indexing.
Change Data Capture Queries Use SELECT queries to filter and modify change data before sending it to a changefeed's sink.
Physical Cluster Replication Send all data at the byte level from a primary cluster to an independent standby cluster. Existing data and ongoing changes on the active primary cluster, which is serving application data, replicate asynchronously to the passive standby cluster.

Security and IAM

Feature Description
Encryption at Rest Enable automatic transparent encryption of a node's data on the local disk using AES in counter mode, with all key sizes allowed. This feature works together with CockroachDB's automatic encryption of data in transit.
Column-level encryption Encrypt specific columns within a table.
GSSAPI with Kerberos Authentication Authenticate to your cluster using identities stored in an external enterprise directory system that supports Kerberos, such as Active Directory.
Cluster Single Sign-on (SSO) Grant SQL access to a cluster using JSON Web Tokens (JWTs) issued by an external identity provider (IdP) or custom JWT issuer.
Single Sign-on (SSO) for DB Console Grant access to a cluster's DB Console interface using SSO through an IdP that supports OIDC.
Role-based SQL Audit Logs Enable logging of queries being executed against your system by specific users or roles.
Certificate-based authentication using multiple values from the X.509 Subject field Map SQL user roles to values in the Subject field of the X.509 certificate used for TLS authentication.

See also


Yes No
On this page

Yes No