SQLInstance

Property: Value
Google Cloud Service Name: Cloud SQL
Google Cloud Service Documentation: /sql/docs/
Google Cloud REST Resource Name: v1beta4.instance
Google Cloud REST Resource Documentation: /sql/docs/postgres/admin-api/v1beta4/instances
Config Connector Resource Short Names: gcpsqlinstance, gcpsqlinstances, sqlinstance
Config Connector Service Name: sqladmin.googleapis.com
Config Connector Resource Fully Qualified Name: sqlinstances.sql.cnrm.cloud.google.com
Can Be Referenced by IAMPolicy/IAMPolicyMember: No

Custom Resource Definition Properties

Annotations

Fields
cnrm.cloud.google.com/project-id

Spec

Schema

  databaseVersion: string
  encryptionKMSCryptoKeyRef:
    external: string
    name: string
    namespace: string
  masterInstanceRef:
    external: string
    name: string
    namespace: string
  region: string
  replicaConfiguration:
    caCertificate: string
    clientCertificate: string
    clientKey: string
    connectRetryInterval: integer
    dumpFilePath: string
    failoverTarget: boolean
    masterHeartbeatPeriod: integer
    password:
      value: string
      valueFrom:
        secretKeyRef:
          key: string
          name: string
    sslCipher: string
    username: string
    verifyServerCertificate: boolean
  resourceID: string
  rootPassword:
    value: string
    valueFrom:
      secretKeyRef:
        key: string
        name: string
  settings:
    activationPolicy: string
    authorizedGaeApplications:
    - string
    availabilityType: string
    backupConfiguration:
      backupRetentionSettings:
        retainedBackups: integer
        retentionUnit: string
      binaryLogEnabled: boolean
      enabled: boolean
      location: string
      pointInTimeRecoveryEnabled: boolean
      startTime: string
      transactionLogRetentionDays: integer
    crashSafeReplication: boolean
    databaseFlags:
    - name: string
      value: string
    diskAutoresize: boolean
    diskAutoresizeLimit: integer
    diskSize: integer
    diskType: string
    insightsConfig:
      queryInsightsEnabled: boolean
      queryStringLength: integer
      recordApplicationTags: boolean
      recordClientAddress: boolean
    ipConfiguration:
      authorizedNetworks:
      - expirationTime: string
        name: string
        value: string
      ipv4Enabled: boolean
      privateNetworkRef:
        external: string
        name: string
        namespace: string
      requireSsl: boolean
    locationPreference:
      followGaeApplication: string
      zone: string
    maintenanceWindow:
      day: integer
      hour: integer
      updateTrack: string
    pricingPlan: string
    replicationType: string
    tier: string

Fields

databaseVersion

Optional

string

Immutable. The MySQL, PostgreSQL or SQL Server (beta) version to use. Supported values include MYSQL_5_6, MYSQL_5_7, MYSQL_8_0, POSTGRES_9_6, POSTGRES_10, POSTGRES_11, POSTGRES_12, POSTGRES_13, SQLSERVER_2017_STANDARD, SQLSERVER_2017_ENTERPRISE, SQLSERVER_2017_EXPRESS, SQLSERVER_2017_WEB. Database Version Policies includes an up-to-date reference of supported versions.

encryptionKMSCryptoKeyRef

Optional

object

encryptionKMSCryptoKeyRef.external

Optional

string

The name of a KMSCryptoKey.

encryptionKMSCryptoKeyRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

encryptionKMSCryptoKeyRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

masterInstanceRef

Optional

object

masterInstanceRef.external

Optional

string

The name of a SQLInstance.

masterInstanceRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

masterInstanceRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

region

Optional

string

Immutable. The region the instance will sit in. Note that Cloud SQL is not available in all regions, so a valid region must be provided to use this resource. If a region is not provided in the resource definition, the provider region will be used instead, but this will be an apply-time error if the provider region is not supported by Cloud SQL. If you choose not to provide the region for this resource, make sure you understand this behavior.

replicaConfiguration

Optional

object

The configuration for replication.

replicaConfiguration.caCertificate

Optional

string

Immutable. PEM representation of the trusted CA's x509 certificate.

replicaConfiguration.clientCertificate

Optional

string

Immutable. PEM representation of the replica's x509 certificate.

replicaConfiguration.clientKey

Optional

string

Immutable. PEM representation of the replica's private key. The corresponding public key is encoded in the client_certificate.

replicaConfiguration.connectRetryInterval

Optional

integer

Immutable. The number of seconds between connect retries.

replicaConfiguration.dumpFilePath

Optional

string

Immutable. Path to a SQL file in Google Cloud Storage from which replica instances are created. Format is gs://bucket/filename.

replicaConfiguration.failoverTarget

Optional

boolean

Immutable. Specifies if the replica is the failover target. If the field is set to true the replica will be designated as a failover replica. If the master instance fails, the replica instance will be promoted as the new master instance.

replicaConfiguration.masterHeartbeatPeriod

Optional

integer

Immutable. Time in ms between replication heartbeats.

replicaConfiguration.password

Optional

object

Immutable. Password for the replication connection.

replicaConfiguration.password.value

Optional

string

Value of the field. Cannot be used if 'valueFrom' is specified.

replicaConfiguration.password.valueFrom

Optional

object

Source for the field's value. Cannot be used if 'value' is specified.

replicaConfiguration.password.valueFrom.secretKeyRef

Optional

object

Reference to a value with the given key in the given Secret in the resource's namespace.

replicaConfiguration.password.valueFrom.secretKeyRef.key

Required*

string

Key that identifies the value to be extracted.

replicaConfiguration.password.valueFrom.secretKeyRef.name

Required*

string

Name of the Secret to extract a value from.

replicaConfiguration.sslCipher

Optional

string

Immutable. Permissible ciphers for use in SSL encryption.

replicaConfiguration.username

Optional

string

Immutable. Username for replication connection.

replicaConfiguration.verifyServerCertificate

Optional

boolean

Immutable. True if the master's common name value is checked during the SSL handshake.

resourceID

Optional

string

Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default.

rootPassword

Optional

object

Immutable. Initial root password. Required for MS SQL Server, ignored by MySQL and PostgreSQL.

rootPassword.value

Optional

string

Value of the field. Cannot be used if 'valueFrom' is specified.

rootPassword.valueFrom

Optional

object

Source for the field's value. Cannot be used if 'value' is specified.

rootPassword.valueFrom.secretKeyRef

Optional

object

Reference to a value with the given key in the given Secret in the resource's namespace.

rootPassword.valueFrom.secretKeyRef.key

Required*

string

Key that identifies the value to be extracted.

rootPassword.valueFrom.secretKeyRef.name

Required*

string

Name of the Secret to extract a value from.
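
An added example, not part of the original page or of the Config Connector samples: a SQL Server instance whose rootPassword is read from a Kubernetes Secret through valueFrom.secretKeyRef, with the inline value form shown commented out beside it. The resource names, the Secret key, the tier and the password placeholder are assumptions made for illustration.

```yaml
# Added example (not from the original page). Names, tier and the
# password placeholder are constructed for illustration.
apiVersion: v1
kind: Secret
metadata:
  name: sqlinstance-example-root-password    # hypothetical name
stringData:
  # Placeholder only. Shown inline so the example is complete; create the
  # Secret out of band rather than committing a real value to a repository.
  password: REPLACE_WITH_GENERATED_PASSWORD
---
apiVersion: sql.cnrm.cloud.google.com/v1beta1
kind: SQLInstance
metadata:
  name: sqlinstance-example-sqlserver         # hypothetical name
spec:
  databaseVersion: SQLSERVER_2017_STANDARD
  region: us-central1
  # rootPassword is required for SQL Server and is immutable.
  rootPassword:
    # Weak form: the password is part of the SQLInstance object itself, so
    # anyone who can read the object or the manifest's repository can read it.
    # value: "password-in-plain-text"
    #
    # Preferred form: reference a key of a Secret in the resource's namespace.
    # 'value' and 'valueFrom' cannot both be specified.
    valueFrom:
      secretKeyRef:
        name: sqlinstance-example-root-password
        key: password
  settings:
    tier: db-custom-2-13312                   # assumed tier for the example
```

The same valueFrom.secretKeyRef shape applies to replicaConfiguration.password.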

settings

Required

object

The settings to use for the database. The configuration is detailed below.

settings.activationPolicy

Optional

string

This specifies when the instance should be active. Can be either ALWAYS, NEVER or ON_DEMAND.

settings.authorizedGaeApplications

Optional

list (string)

DEPRECATED — This property is only applicable to First Generation instances, and First Generation instances are now deprecated. See https://cloud.google.com/sql/docs/mysql/deprecation-notice for information on how to upgrade to Second Generation instances. A list of Google App Engine project names that are allowed to access this instance.

settings.authorizedGaeApplications.[]

Optional

string

settings.availabilityType

Optional

string

The availability type of the Cloud SQL instance, high availability (REGIONAL) or single zone (ZONAL). For MySQL instances, ensure that settings.backup_configuration.enabled and settings.backup_configuration.binary_log_enabled are both set to true.

settings.backupConfiguration

Optional

object

settings.backupConfiguration.backupRetentionSettings

Optional

object

settings.backupConfiguration.backupRetentionSettings.retainedBackups

Required*

integer

Number of backups to retain.

settings.backupConfiguration.backupRetentionSettings.retentionUnit

Optional

string

The unit that 'retainedBackups' represents. Defaults to COUNT

settings.backupConfiguration.binaryLogEnabled

Optional

boolean

True if binary logging is enabled. If settings.backup_configuration.enabled is false, this must be as well. Cannot be used with Postgres.

settings.backupConfiguration.enabled

Optional

boolean

True if backup configuration is enabled.

settings.backupConfiguration.location

Optional

string

Location of the backup configuration.

settings.backupConfiguration.pointInTimeRecoveryEnabled

Optional

boolean

True if Point-in-time recovery is enabled.

settings.backupConfiguration.startTime

Optional

string

HH:MM format time indicating when backup configuration starts.

settings.backupConfiguration.transactionLogRetentionDays

Optional

integer

The number of days of transaction logs we retain for point in time restore, from 1-7.

settings.crashSafeReplication

Optional

boolean

DEPRECATED — This property is only applicable to First Generation instances, and First Generation instances are now deprecated. See https://cloud.google.com/sql/docs/mysql/deprecation-notice for information on how to upgrade to Second Generation instances. Specific to read instances, indicates when crash-safe replication flags are enabled.

settings.databaseFlags

Optional

list (object)

settings.databaseFlags.[]

Optional

object

settings.databaseFlags.[].name

Required*

string

Name of the flag.

settings.databaseFlags.[].value

Required*

string

Value of the flag.

settings.diskAutoresize

Optional

boolean

settings.diskAutoresizeLimit

Optional

integer

The maximum size, in GB, to which storage capacity can be automatically increased. The default value is 0, which specifies that there is no limit.

settings.diskSize

Optional

integer

The size of data disk, in GB. Size of a running instance cannot be reduced but can be increased.

settings.diskType

Optional

string

The type of data disk: PD_SSD or PD_HDD.

settings.insightsConfig

Optional

object

Configuration of Query Insights.

settings.insightsConfig.queryInsightsEnabled

Optional

boolean

True if Query Insights feature is enabled.

settings.insightsConfig.queryStringLength

Optional

integer

Maximum query length stored, in bytes. Between 256 and 4500. Defaults to 1024.

settings.insightsConfig.recordApplicationTags

Optional

boolean

True if Query Insights will record application tags from query when enabled.

settings.insightsConfig.recordClientAddress

Optional

boolean

True if Query Insights will record client address when enabled.

settings.ipConfiguration

Optional

object

settings.ipConfiguration.authorizedNetworks

Optional

list (object)

settings.ipConfiguration.authorizedNetworks.[]

Optional

object

settings.ipConfiguration.authorizedNetworks.[].expirationTime

Optional

string

settings.ipConfiguration.authorizedNetworks.[].name

Optional

string

settings.ipConfiguration.authorizedNetworks.[].value

Required*

string

settings.ipConfiguration.ipv4Enabled

Optional

boolean

Whether this Cloud SQL instance should be assigned a public IPv4 address. Either ipv4_enabled must be enabled or a private_network must be configured.

settings.ipConfiguration.privateNetworkRef

Optional

object

settings.ipConfiguration.privateNetworkRef.external

Optional

string

The selfLink of a ComputeNetwork.

settings.ipConfiguration.privateNetworkRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

settings.ipConfiguration.privateNetworkRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

settings.ipConfiguration.requireSsl

Optional

boolean

settings.locationPreference

Optional

object

settings.locationPreference.followGaeApplication

Optional

string

A Google App Engine application whose zone to remain in. Must be in the same region as this instance.

settings.locationPreference.zone

Optional

string

The preferred compute engine zone.

settings.maintenanceWindow

Optional

object

Declares a one-hour maintenance window when an Instance can automatically restart to apply updates. The maintenance window is specified in UTC time.

settings.maintenanceWindow.day

Optional

integer

Day of week (1-7), starting on Monday

settings.maintenanceWindow.hour

Optional

integer

Hour of day (0-23), ignored if day not set

settings.maintenanceWindow.updateTrack

Optional

string

Receive updates earlier (canary) or later (stable)

settings.pricingPlan

Optional

string

Pricing plan for this instance, can only be PER_USE.

settings.replicationType

Optional

string

DEPRECATED — This property is only applicable to First Generation instances, and First Generation instances are now deprecated. See https://cloud.google.com/sql/docs/mysql/deprecation-notice for information on how to upgrade to Second Generation instances. Replication type for this instance, can be one of ASYNCHRONOUS or SYNCHRONOUS.

settings.tier

Required

string

The machine type to use. See tiers for more details and supported versions. Postgres supports only shared-core machine types, and custom machine types such as db-custom-2-13312. See the Custom Machine Type Documentation to learn about specifying custom machine types.

* Field is required when parent field is specified

Status

Schema

  conditions:
  - lastTransitionTime: string
    message: string
    reason: string
    status: string
    type: string
  connectionName: string
  firstIpAddress: string
  ipAddress:
  - ipAddress: string
    timeToRetire: string
    type: string
  observedGeneration: integer
  privateIpAddress: string
  publicIpAddress: string
  selfLink: string
  serverCaCert:
    cert: string
    commonName: string
    createTime: string
    expirationTime: string
    sha1Fingerprint: string
  serviceAccountEmailAddress: string

Fields

conditions

list (object)

Conditions represent the latest available observation of the resource's current state.

conditions.[]

object

conditions.[].lastTransitionTime

string

Last time the condition transitioned from one status to another.

conditions.[].message

string

Human-readable message indicating details about last transition.

conditions.[].reason

string

Unique, one-word, CamelCase reason for the condition's last transition.

conditions.[].status

string

Status is the status of the condition. Can be True, False, Unknown.

conditions.[].type

string

Type is the type of the condition.

connectionName

string

The connection name of the instance to be used in connection strings. For example, when connecting with Cloud SQL Proxy.

firstIpAddress

string

ipAddress

list (object)

ipAddress.[]

object

ipAddress.[].ipAddress

string

ipAddress.[].timeToRetire

string

ipAddress.[].type

string

observedGeneration

integer

ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource.

privateIpAddress

string

publicIpAddress

string

selfLink

string

The URI of the created resource.

serverCaCert

object

serverCaCert.cert

string

The CA Certificate used to connect to the SQL Instance via SSL.

serverCaCert.commonName

string

The CN valid for the CA Cert.

serverCaCert.createTime

string

Creation time of the CA Cert.

serverCaCert.expirationTime

string

Expiration time of the CA Cert.

serverCaCert.sha1Fingerprint

string

SHA-1 fingerprint of the CA Cert.

serviceAccountEmailAddress

string

The service account email address assigned to the instance.

Sample YAML(s)

Mysql SQL Instance

  # Copyright 2020 Google LLC
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
  # You may obtain a copy of the License at
  #
  #     http://www.apache.org/licenses/LICENSE-2.0
  #
  # Unless required by applicable law or agreed to in writing, software
  # distributed under the License is distributed on an "AS IS" BASIS,
  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  # See the License for the specific language governing permissions and
  # limitations under the License.
  
  apiVersion: sql.cnrm.cloud.google.com/v1beta1
  kind: SQLInstance
  metadata:
    name: sqlinstance-sample-mysql
  spec:
    databaseVersion: MYSQL_5_7
    region: us-central1
    settings:
      tier: db-f1-micro

Mysql SQL Instance High Availability

  apiVersion: sql.cnrm.cloud.google.com/v1beta1
  kind: SQLInstance
  metadata:
    name: sqlinstance-sample-mysqlhighavailability
  spec:
    databaseVersion: MYSQL_5_7
    region: us-central1
    settings:
      tier: db-g1-small
      diskSize: 25
      diskType: PD_SSD
      availabilityType: REGIONAL
      backupConfiguration:
        binaryLogEnabled: true
        enabled: true

Mysql SQL Instance With Replication

  apiVersion: sql.cnrm.cloud.google.com/v1beta1
  kind: SQLInstance
  metadata:
    name: sqlinstance-sample1-mysqlwithreplication
  spec:
    databaseVersion: MYSQL_5_7
    region: us-central1
    settings:
      tier: db-f1-micro
      backupConfiguration:
        binaryLogEnabled: true
        enabled: true
        startTime: "18:00"
      ipConfiguration:
        requireSsl: true
      locationPreference:
        zone: us-central1-b
  ---
  apiVersion: sql.cnrm.cloud.google.com/v1beta1
  kind: SQLInstance
  metadata:
    name: sqlinstance-sample2-mysqlwithreplication
  spec:
    databaseVersion: MYSQL_5_7
    region: us-central1
    masterInstanceRef:
      name: sqlinstance-sample1-mysqlwithreplication
    replicaConfiguration:
      connectRetryInterval: 30
    settings:
      tier: db-f1-micro
      ipConfiguration:
        requireSsl: true
      locationPreference:
        zone: us-central1-c

Postgres SQL Instance High Availability

  apiVersion: sql.cnrm.cloud.google.com/v1beta1
  kind: SQLInstance
  metadata:
    name: sqlinstance-sample-postgreshighavailability
  spec:
    databaseVersion: POSTGRES_9_6
    region: us-central1
    settings:
      tier: db-custom-1-3840
      availabilityType: REGIONAL

Private Ip Instance

  apiVersion: sql.cnrm.cloud.google.com/v1beta1
  kind: SQLInstance
  metadata:
    name: sqlinstance-sample-private-ip
  spec:
    databaseVersion: MYSQL_5_7
    region: us-central1
    settings:
      tier: db-f1-micro
      ipConfiguration:
        ipv4Enabled: false
        privateNetworkRef:
          name: sqlinstance-dep-private-ip
  ---
  apiVersion: compute.cnrm.cloud.google.com/v1beta1
  kind: ComputeAddress
  metadata:
    name: sqlinstance-dep-private-ip
  spec:
    addressType: INTERNAL
    location: global
    purpose: VPC_PEERING
    prefixLength: 16
    networkRef:
      name: sqlinstance-dep-private-ip
  ---
  apiVersion: compute.cnrm.cloud.google.com/v1beta1
  kind: ComputeNetwork
  metadata:
    name: sqlinstance-dep-private-ip
  spec:
    autoCreateSubnetworks: false
  ---
  apiVersion: servicenetworking.cnrm.cloud.google.com/v1beta1
  kind: ServiceNetworkingConnection
  metadata:
    name: sqlinstance-dep-private-ip
  spec:
    networkRef:
      name: sqlinstance-dep-private-ip
    reservedPeeringRanges:
      - name: sqlinstance-dep-private-ip
    service: servicenetworking.googleapis.com