1. Overview
    1. Windows applications can run on Compute Engine and take advantage of many benefits available to virtual machine instances.
    2. Use Windows Server images to create instances with a basic Windows environment.
    3. Use SQL Server images to start instances that have Windows Server with SQL Server preinstalled.
    4. Pay for both Windows Server and SQL Server licenses only when in use.
    5. Windows Server images receive per-second billing and SQL Server images receive per-minute billing.
    6. Run .NET applications on Compute Engine instances.
    7. Deploy Active Directory to instances and bring domain services to the cloud.
    8. Run IIS web servers to host web content on Windows instances.
    9. Use existing Microsoft application licenses through the Microsoft license mobility program.
  2. Server
    1. Windows Server is a server operating system from Microsoft.
    2. Create instances with Windows Server images to run applications that are specific to Windows.
    3. Compute Engine offers several versions of Windows Server, most of which are available as both regular and Shielded VM images.
    4. Shielded VM images offer security features like UEFI-compliant firmware, Secure Boot, and vTPM-protected Measured Boot.
    5. When a Windows Server instance is created, users pay by the second for the use of the Windows Server license.
    6. The cost for the license depends on the number of vCPUs in the machine type of the instance.
    7. Windows Server images are premium resources that incur additional fees.
    8. Instances that run Windows Server images on Compute Engine can activate and renew their licenses only if they have a network connection to kms.windows.googlecloud.com.
    9. Windows Server instances unable to access kms.windows.googlecloud.com stop functioning within 30 days.
    10. Bring existing Windows Server licenses to Compute Engine using Bring your own license with sole-tenant nodes.
    11. Bring existing Microsoft application licenses to Windows Server instances to run specific applications, and continue to manage those licenses.
    12. Bring existing Windows client licenses to Compute Engine using Bring your own license with sole-tenant nodes and import image as a virtual disk.
    13. Similar to bringing your license with Windows Server, continue to manage license and compliance.
  3. SQL
    1. Microsoft SQL Server is a database system that runs on Windows Server.
    2. Use SQL Server on Compute Engine as part of the backend for applications, as a flexible development and test environment, or in addition to on-prem systems for backup and disaster recovery.
    3. Compute Engine provides images with Microsoft SQL Server preinstalled on Windows Server.
    4. For these SQL Server images, Compute Engine manages the license for both Windows Server and SQL Server, and includes the cost in monthly bill.
    5. Compute Engine stores data on durable persistent disks with automatic redundancy and automatic encryption at rest.
    6. For additional performance, create instances with a local SSD as a cache that provides additional IOPS and performance for SQL Server queries.
    7. Instances that includes SQL Server are billed by the second for the SQL Server license in addition to the Compute Engine instance resources and the Windows Server license.
    8. The cost of SQL Server instances includes the following items:
    9. The cost of the SQL Server license.
    10. The cost for the Windows Server license.
    11. The cost of the machine type for the instance.
    12. The cost for resources that are attached to instance. For example, persistent disks, Local SSDs, and network resources.
  4. Security
    1. BitLocker can be enabled for Windows boot disks that are part of Shielded VM images.
    2. Shielded VM images offer security features such as UEFI-compliant firmware, Secure Boot, and vTPM-protected Measured Boot.
    3. If BitLocker is enabled on a Windows boot disk that is part of a Shielded VM image, save the recovery key to a safe location, because without the recovery key, data cannot be recovered.
    4. On Shielded VM boot disks, BitLocker uses the vTPM to store the encryption keys, and the vTPM is permanently associated with the VM on which it was created.
    5. A snapshot of a Shielded VM boot disk can be restored to another persistent disk, but can't be decrypted because the vTPM containing the BitLocker keys isn't available.
    6. On Shielded VM data disks, persistent disk data is encrypted by default.
    7. Enabling BitLocker on top of persistent disk encryption doesn't affect throughput, but might increase vCPU utilization slightly.
    8. Enabling BitLocker on data disks attached to the VM doesn't pose the same recovery challenges as for boot disks.
    9. BitLocker encryption keys for data disks aren't stored on the vTPM.
    10. Where the ability to unlock the disk normally is lost but the recovery key is available, attach the disk to another unencrypted VM and recover it from there.
  5. Support
    1. On the EOS date for a version of the operating system:
    2. Google can no longer access updates.
    3. Google can no longer access security patches.
    4. Google retires the operating system image, and the image is no longer available to create new VM instances.