Console
    Contact Us Start free

    Configure Cloud SQL (PostgreSQL) in Application Design Center

    Cloud SQL (PostgreSQL) is a fully-managed database service that helps you set up, maintain, manage, and administer your relational databases on Google Cloud. For more information, see the following:

    This document describes the connections and parameters you can configure when using App Design Center to create a Cloud SQL (PostgreSQL) instance. The configuration parameters are based on the terraform-google-sql-db Terraform module.

    Component connections

    The following table includes the components that you can connect to a Cloud SQL (PostgreSQL) instance, and the resulting updates to your application and its generated Terraform code.

    Connected component

    Application updates

    Background information

    Compute Engine instance template

    • The Compute Engine instances can connect and read and write data to the Cloud SQL (PostgreSQL) instance.
    • The Cloud SQL connection metadata is added to the Compute Engine instance template.
    • The roles/cloudsql.instanceUser and roles/cloudsql.client roles are added to the Compute Engine instance template service account.
    • The Compute Engine service account is added as an IAM user to the Cloud SQL instance.
    Connect from Compute Engine
    Secret Manager
    • The Secret Manager Secret Datafield contains the password for the default user.
    Use Secret Manager to handle secrets in Cloud SQL

    Service account

    • The service account can connect to the Cloud SQL (PostgreSQL) instance.
    • The roles/cloudsql.instanceUser and roles/cloudsql.client roles are added to the service account.
    • The service account IAM information is added to the Cloud SQL instance.
    Roles and permissions

    Cloud Run

    • The Cloud Run service can read and write data to the Cloud SQL (PostgreSQL) instance.
    • The Cloud SQL connection metadata is added to the Cloud Run service.
    • The roles/cloudsql.instanceUser and roles/cloudsql.client roles are added to the Cloud Run service account.
    • The Cloud Run service account is added as an IAM user to the Cloud SQL instance.
    Connect from Cloud Run

    Required configuration parameters

    If your template includes a Cloud SQL (PostgreSQL) component, you must configure the following parameters before you deploy.

    Parameter name

    Description and constraint information

    Background information

    Project ID

    The project where you want to deploy the Cloud SQL resource.

    		 Configure components

    Name

    		 name Create a PostgreSQL instance

    Database Version

    		 databaseVersion Create a PostgreSQL instance

    Region

    		 region Manage instance locations

    Optional configuration parameters

    The following parameters are optional. To display advance parameters, in the Configurationarea, select Show advanced fields.

    Feature

    Parameter name

    Description and constraint information

    Background information

    Zone

    gceZone
    Manage instance locations

    Edition

    edition
    edition

    Availability Type

    availabilityType
    Availability in Cloud SQL

    Enable Default Db

    If selected, create a default database. In the Db Namefield, enter the name of the default database.

    Create a database on the Cloud SQL instance

    Enable Default User

    If selected, create a default user. Enter a User Nameand User Passwordfor the default user.

    Default PostgreSQL users

    Root Password

    rootPassword

    Initial root password when the instance is created.

    Database Deletion Policy

    To allow the database to be abandoned rather than deleted, enter ABANDON .

    PostgreSQL databases cannot be deleted if users other than cloudsqlsuperuser have access.

    Data Cache Enabled

    Data cache
    Data cache overview

    Machine

    Select a machine series and type for your instance. The options that you select determine available storage type and configuration options. You can't change the machine series after you create your instance.

    Machine series overview

    Disk Autoresize

    Disk Autoresize

    storageAutoResize
    Enable automatic storage increases

    Disk Autoresize Limit

    storageAutoResizeLimit
    Automatic storage increase limit

    Disk Size

    dataDiskSizeGb
    Storage capacity

    Disk Type

    dataDiskType
    Storage type

    Pricing Plan

    pricingPlan
    SqlPricingPlan

    Backup Configuration

    Enabled

    enabled
    Create a PostgreSQL instance

    Start Time

    BackupConfiguration

    Create a PostgreSQL instance

    Region

    location
    Custom backup locations

    Zone

    location
    Custom backup locations

    Point in Time Recovery Enabled

    pointInTimeRecoveryEnabled
    pointInTimeRecoveryEnabled

    Transaction Log Retention Days

    BackupConfiguration
    Log retention period

    Retained Backups

    transactionLogRetentionDays
    Logs and disk usage

    Retention Unit

    retentionUnit
    retentionUnit

    IP Configuration

    Authorized Network Key

    authorizedNetworks[]
    Authorize with authorized networks

    Authorized Network Value

    authorizedNetworks[]
    Authorize with authorized networks

    IPv4 Enabled

    ipv4Enabled
    Configure Public IP

    Private Network

    privateNetwork
    Configure Private IP

    SSL Mode

    sslMode
    SSL mode

    Allocate IP Range

    allocatedIpRange
    Allocated IP address ranges for services

    Enable Private Path for Google Cloud Services

    Private path for Google Cloud services
    Create an instance that supports private services access and Private Service Connect

    PSC Enabled

    psc_enabled
    Private Service Connect overview

    PSC Allowed Consumer Projects

    allowedConsumerProjects[]
    Create an instance that supports private services access and Private Service Connect

    Maintenance Version

    maintenanceVersion
    Self-service maintenance

    Deletion protection

    If selected, the Cloud SQL instance cannot be deleted.
    Prevent deletion of an instance

    Database flags

    Name

    databaseFlags
    Configure database flags

    Value

    databaseFlags
    Configure database flags

    User Deletion Policy

    To allow the user to be abandoned rather than deleted, enter ABANDON .

    PostgreSQL users cannot be deleted if they have been granted SQL roles.

    Additional Users

    Name

    name
    About PostgreSQL users and roles

    Password

    Enter a password, or select Random Passwordto generate a password.

    About PostgreSQL users and roles

    Additional Databases

    Name

    name
    Create and manage databases

    Collation

    collation
    Create and manage databases

    Master Instance Name

    masterInstanceName
    Create read replicas

    Instance Type

    instanceType
    SqlInstanceType

    Random Instance Name

    Add a random suffix to the end of the instance name.

    random_instance_name

    Secondary Zone

    The preferred zone for the replica instance.

    secondaryZone

    Follow GAE Application

    The App Engine application to follow. Must be in the same region as the Cloud SQL instance.

    followGaeApplication

    Activation Policy

    activationPolicy
    Activation Policy

    Deletion Protection Enabled

    deletionProtectionEnabled
    Prevent deletion of an instance

    Read Replica Deletion Protection Enabled

    To block Terraform from deleting replica SQL Instances, select the checkbox.

    Considering deletion protection for read replicas

    Maintenance Window

    Maintenance Window Day

    day
    About maintenance on Cloud SQL instances

    Maintenance Window Hour

    hour
    About maintenance on Cloud SQL instances

    Maintenance Window Update Track

    updateTrack
    About maintenance on Cloud SQL instances

    User Labels

    Key

    Key label for the Cloud SQL instance

    userLabels

    Value

    Value label for the Cloud SQL instance

    userLabels

    Deny Maintenance Period

    End Date

    endDate
    Configure a deny maintenance period

    Start Date

    startDate
    Configure a deny maintenance period

    Time

    time
    Configure a deny maintenance period

    Insights Config

    Query Plans Per Minute

    queryPlansPerMinute
    Use query insights to improve query performance

    Query String Length

    queryStringLength
    Use query insights to improve query performance

    Record Application Tags

    recordApplicationTags
    Enable query insights

    Record Client Address

    recordClientAddress
    Enable query insights

    Password Validation Policy Config

    Min Length

    minLength
    Set password policy

    Complexity

    complexity
    Set password policy

    Reuse Interval

    reuseInterval
    Set password policy

    Disallow Username Substring

    disallowUsernameSubstring
    Set password policy

    Password Change Interval

    passwordChangeInterval
    Set password policy

    Read Replicas

    Name

    read_replicas
    Read replicas

    Name Override

    A string to override the default read replica name.
    read_replicas

    Read Replica Name Suffix

    The optional suffix to add to the read instance name.

    Read replicas

    DB Charset

    charset
    Create a database on the Cloud SQL instance

    DB Collation

    collation
    Create a database on the Cloud SQL instance

    IAM Users

    ID

    The IAM user's ID.

    IAM authentication

    Email

    The IAM user's email.

    Add an individual IAM user or service account to a Cloud SQL instance

    Type

    type
    Add an individual IAM user or service account to a Cloud SQL instance

    Create Timeout

    The optional timeout that is applied to limit long database creates.

    create_timeout

    Update Timeout

    The optional timeout that is applied to limit long database updates.

    update_timeout

    Delete Timeout

    The optional timeout that is applied to limit long database deletes.

    delete_timeout

    Encryption Key Name

    encryption_key_name
    About client-side encryption

    Read Replica Deletion Protection

    If selected, blocks Terraform from deleting replica SQL Instances.

    deletion_protection

    Enable Random Password Special

    If selected, enables special characters in generated random passwords.

    enable_random_password_special

    Connector Enforcement

    connectorEnforcement
    Cloud SQL Language Connectors overview

    Enable Google ML Integration

    enable_google_ml_integration
    Build generative AI applications using Cloud SQL

    Database Integration Roles

    The roles required by the default database instance service account for integration with Google Cloud services.

    Before you begin
    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: