diff --git a/terraform/infrastructure/README.md b/terraform/infrastructure/README.md
index 1ff6c50..cc02ba0 100644
--- a/terraform/infrastructure/README.md
+++ b/terraform/infrastructure/README.md
@@ -34,7 +34,7 @@ No requirements.
 | <a name="input_enable_cert_manager"></a> [enable\_cert\_manager](#input\_enable\_cert\_manager) | Enables the service account needed for the use of cert manager | `bool` | `false` | no |
 | <a name="input_enable_http_ip_creation"></a> [enable\_http\_ip\_creation](#input\_enable\_http\_ip\_creation) | Used to enable the creation of a static ip for the http adapter | `string` | `false` | no |
 | <a name="input_enable_mqtt_ip_creation"></a> [enable\_mqtt\_ip\_creation](#input\_enable\_mqtt\_ip\_creation) | Used to enable the creation of a static ip for the mqtt adapter | `string` | `true` | no |
-| <a name="input_gke_cluster_maintenance_policy_recurring_window"></a> [gke\_cluster\_maintenance\_policy\_recurring\_window](#input\_gke\_cluster\_maintenance\_policy\_recurring\_window) | The recurring window maintenance policy for the cluster. For details see: https://registry.terraform.io/providers/hashicorp/google/5.15.0/docs/resources/container_cluster#nested_maintenance_policy | <pre>object({<br>    start_time = string,<br>    end_time = string,<br>    recurrence = string<br>  })</pre> | `null` | no |
+| <a name="input_gke_cluster_maintenance_policy_recurring_window"></a> [gke\_cluster\_maintenance\_policy\_recurring\_window](#input\_gke\_cluster\_maintenance\_policy\_recurring\_window) | The recurring window maintenance policy for the cluster. For details see: https://registry.terraform.io/providers/hashicorp/google/5.15.0/docs/resources/container_cluster#nested_maintenance_policy | <pre>object({<br>    start_time = string,<br>    end_time   = string,<br>    recurrence = string<br>  })</pre> | `null` | no |
 | <a name="input_gke_cluster_name"></a> [gke\_cluster\_name](#input\_gke\_cluster\_name) | Name of the GKE Cluster | `string` | `"hono-cluster"` | no |
 | <a name="input_gke_machine_type"></a> [gke\_machine\_type](#input\_gke\_machine\_type) | Machine Type for node\_pools | `string` | `"c2-standard-8"` | no |
 | <a name="input_gke_node_pool_name"></a> [gke\_node\_pool\_name](#input\_gke\_node\_pool\_name) | The name of the Node Pool in the Hono Cluster | `string` | `"standard-node-pool"` | no |
@@ -71,6 +71,7 @@ No requirements.
 | <a name="input_sql_instance_disk_type"></a> [sql\_instance\_disk\_type](#input\_sql\_instance\_disk\_type) | Disk Type of the SQL Instance | `string` | `"PD-SSD"` | no |
 | <a name="input_sql_instance_ipv4_enable"></a> [sql\_instance\_ipv4\_enable](#input\_sql\_instance\_ipv4\_enable) | Whether this Cloud SQL instance should be assigned a public IPV4 address. At least ipv4\_enabled must be enabled or a private\_network must be configured. | `bool` | `false` | no |
 | <a name="input_sql_instance_machine_type"></a> [sql\_instance\_machine\_type](#input\_sql\_instance\_machine\_type) | Machine Type of the SQL Instance | `string` | `"db-custom-1-3840"` | no |
+| <a name="input_sql_instance_maintenance_window"></a> [sql\_instance\_maintenance\_window](#input\_sql\_instance\_maintenance\_window) | The maintenance window settings for the cloud sql instance. For details see: https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance | <pre>object({<br>    day          = number,<br>    hour         = number,<br>    update_track = optional(string, "stable")<br>  })</pre> | `null` | no |
 | <a name="input_sql_instance_name"></a> [sql\_instance\_name](#input\_sql\_instance\_name) | Name of the SQL Instance | `string` | `"hono-sql"` | no |
 | <a name="input_sql_instance_version"></a> [sql\_instance\_version](#input\_sql\_instance\_version) | Database Version | `string` | `"POSTGRES_14"` | no |
 | <a name="input_ssl_policy_min_tls_version"></a> [ssl\_policy\_min\_tls\_version](#input\_ssl\_policy\_min\_tls\_version) | The minimum TLS version the SSL policy should allow | `string` | `"TLS_1_2"` | no |
diff --git a/terraform/infrastructure/main.tf b/terraform/infrastructure/main.tf
index ad26a69..ebe3f18 100644
--- a/terraform/infrastructure/main.tf
+++ b/terraform/infrastructure/main.tf
@@ -49,6 +49,7 @@ module "cloud_sql" {
   sql_instance_disk_type                   = var.sql_instance_disk_type
   sql_instance_deletion_protection_enabled = var.sql_instance_deletion_protection_enabled
   sql_instance_activation_policy           = var.sql_instance_activation_policy
+  sql_instance_maintenance_window          = var.sql_instance_maintenance_window
   sql_public_ip_enable                     = var.sql_instance_ipv4_enable
   sql_db_user_name                         = var.sql_db_user_name
   sql_hono_database_name                   = var.sql_hono_database_name
diff --git a/terraform/infrastructure/variables.tf b/terraform/infrastructure/variables.tf
index c5066b2..f8fed9f 100644
--- a/terraform/infrastructure/variables.tf
+++ b/terraform/infrastructure/variables.tf
@@ -54,11 +54,11 @@ variable "gke_cluster_name" {
 variable "gke_cluster_maintenance_policy_recurring_window" {
   type = object({
     start_time = string,
-    end_time = string,
+    end_time   = string,
     recurrence = string
   })
   description = "The recurring window maintenance policy for the cluster. For details see: https://registry.terraform.io/providers/hashicorp/google/5.15.0/docs/resources/container_cluster#nested_maintenance_policy"
-  default = null
+  default     = null
 }
 
 variable "sql_instance_name" {
@@ -103,6 +103,16 @@ variable "sql_instance_ipv4_enable" {
   default     = false
 }
 
+variable "sql_instance_maintenance_window" {
+  type = object({
+    day          = number,
+    hour         = number,
+    update_track = optional(string, "stable")
+  })
+  description = "The maintenance window settings for the cloud sql instance. For details see: https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance"
+  default     = null
+}
+
 variable "sql_db_user_name" {
   type        = string
   description = "The name of the user. Changing this forces a new resource to be created."
diff --git a/terraform/modules/cloud_sql/README.md b/terraform/modules/cloud_sql/README.md
index 3b9febb..95c160a 100644
--- a/terraform/modules/cloud_sql/README.md
+++ b/terraform/modules/cloud_sql/README.md
@@ -42,6 +42,7 @@ No modules.
 | <a name="input_sql_instance_deletion_protection_enabled"></a> [sql\_instance\_deletion\_protection\_enabled](#input\_sql\_instance\_deletion\_protection\_enabled) | Enables the deletion protection for the SQL instance. | `bool` | n/a | yes |
 | <a name="input_sql_instance_disk_type"></a> [sql\_instance\_disk\_type](#input\_sql\_instance\_disk\_type) | Disk Type of the SQL Instance | `string` | n/a | yes |
 | <a name="input_sql_instance_machine_type"></a> [sql\_instance\_machine\_type](#input\_sql\_instance\_machine\_type) | Machine Type of the SQL Instance | `string` | n/a | yes |
+| <a name="input_sql_instance_maintenance_window"></a> [sql\_instance\_maintenance\_window](#input\_sql\_instance\_maintenance\_window) | The maintenance window settings for the cloud sql instance. For details see: https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance | <pre>object({<br>    day          = number,<br>    hour         = number,<br>    update_track = string<br>  })</pre> | n/a | yes |
 | <a name="input_sql_instance_name"></a> [sql\_instance\_name](#input\_sql\_instance\_name) | Name of the SQL Instance | `string` | n/a | yes |
 | <a name="input_sql_instance_version"></a> [sql\_instance\_version](#input\_sql\_instance\_version) | Database Version | `string` | n/a | yes |
 | <a name="input_sql_public_ip_enable"></a> [sql\_public\_ip\_enable](#input\_sql\_public\_ip\_enable) | Whether this Cloud SQL instance should be assigned a public IPV4 address. At least ipv4\_enabled must be enabled or a private\_network must be configured. | `bool` | n/a | yes |
diff --git a/terraform/modules/cloud_sql/main.tf b/terraform/modules/cloud_sql/main.tf
index 131d7d3..d86f1b9 100644
--- a/terraform/modules/cloud_sql/main.tf
+++ b/terraform/modules/cloud_sql/main.tf
@@ -12,6 +12,15 @@ resource "google_sql_database_instance" "hono_sql" {
     activation_policy           = var.sql_instance_activation_policy
     deletion_protection_enabled = var.sql_instance_deletion_protection_enabled
 
+    dynamic "maintenance_window" {
+      for_each = var.sql_instance_maintenance_window != null ? [1] : []
+      content {
+        day          = var.sql_instance_maintenance_window.day
+        hour         = var.sql_instance_maintenance_window.hour
+        update_track = var.sql_instance_maintenance_window.update_track
+      }
+    }
+
     ip_configuration {
       ipv4_enabled    = var.sql_public_ip_enable
       private_network = var.network_id
diff --git a/terraform/modules/cloud_sql/variables.tf b/terraform/modules/cloud_sql/variables.tf
index 03a24a2..d8c81e1 100644
--- a/terraform/modules/cloud_sql/variables.tf
+++ b/terraform/modules/cloud_sql/variables.tf
@@ -89,4 +89,13 @@ variable "sql_instance_backup_start_time" {
 variable "sql_instance_backup_count" {
   type        = number
   description = "The number of backups the Cloud SQL instance should retain."
-}
\ No newline at end of file
+}
+
+variable "sql_instance_maintenance_window" {
+  type = object({
+    day          = number,
+    hour         = number,
+    update_track = string
+  })
+  description = "The maintenance window settings for the cloud sql instance. For details see: https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance"
+}