diff --git a/dev/managedservicesplatform/internal/resource/cloudsql/cloudsql.go b/dev/managedservicesplatform/internal/resource/cloudsql/cloudsql.go
index fafd9d8a856..52791bf7174 100644
--- a/dev/managedservicesplatform/internal/resource/cloudsql/cloudsql.go
+++ b/dev/managedservicesplatform/internal/resource/cloudsql/cloudsql.go
@@ -64,6 +64,17 @@ func New(scope constructs.Construct, id resourceid.ID, config Config) (*Output,
 		pointers.Deref(config.Spec.CPU, 1),
 		pointers.Deref(config.Spec.MemoryGB, 4)*1024)
 
+	databaseFlags := []sqldatabaseinstance.SqlDatabaseInstanceSettingsDatabaseFlags{{
+		Name:  pointers.Ptr("cloudsql.iam_authentication"),
+		Value: pointers.Ptr("on"),
+	}}
+	if config.Spec.MaxConnections != nil {
+		databaseFlags = append(databaseFlags, sqldatabaseinstance.SqlDatabaseInstanceSettingsDatabaseFlags{
+			Name:  pointers.Ptr("max_connections"),
+			Value: pointers.Stringf("%d", *config.Spec.MaxConnections),
+		})
+	}
+
 	instance := sqldatabaseinstance.NewSqlDatabaseInstance(scope, id.TerraformID("instance"), &sqldatabaseinstance.SqlDatabaseInstanceConfig{
 		Project: &config.ProjectID,
 		Region:  &config.Region,
@@ -89,10 +100,7 @@ func New(scope constructs.Construct, id resourceid.ID, config Config) (*Output,
 			DiskAutoresize:      pointers.Ptr(true),
 			DiskAutoresizeLimit: pointers.Float64(0),
 
-			DatabaseFlags: []sqldatabaseinstance.SqlDatabaseInstanceSettingsDatabaseFlags{{
-				Name:  pointers.Ptr("cloudsql.iam_authentication"),
-				Value: pointers.Ptr("on"),
-			}},
+			DatabaseFlags: databaseFlags,
 
 			// 🚨SECURITY🚨 SOC2/CI-79
 			// Production disks for MSP are configured with daily snapshots and retention set at ninety days,
diff --git a/dev/managedservicesplatform/spec/environment.go b/dev/managedservicesplatform/spec/environment.go
index 247029d8392..094e6a808de 100644
--- a/dev/managedservicesplatform/spec/environment.go
+++ b/dev/managedservicesplatform/spec/environment.go
@@ -611,6 +611,8 @@ type EnvironmentResourcePostgreSQLSpec struct {
 	// Defaults to 4 (to meet CloudSQL minimum). You must request 0.9 to 6.5 GB
 	// per vCPU.
 	MemoryGB *int `yaml:"memoryGB,omitempty"`
+	// Defaults to whatever CloudSQL provides. Must be between 14 and 262143.
+	MaxConnections *int `yaml:"maxConnections,omitempty"`
 }
 
 func (EnvironmentResourcePostgreSQLSpec) ResourceKind() string { return "PostgreSQL instance" }