Using the Cloud SQL API

Google Cloud SQL provides a REST API for administering your instances programmatically. The REST API is defined by BackupRuns, Databases, Instances, Flags, Operations, SslCerts, Tiers, and Users resources. Each resource supports methods for accessing and working with it. For example, the Instances resource supports methods such as get, insert, and list. For details of all the resources and their methods, see the Google Cloud SQL API Reference.

When you send requests directly to the Google Cloud SQL REST API, you must create the correct form of the request, authorize the request as an authenticated user, and process any responses returned. The Examples section below shows how to do this using cURL.

You are also using the Google Cloud SQL REST API, indirectly, when you use any of the following ways of administering instances:

The advantage of using these methods, especially the Google Cloud Platform Console, is that they can greatly simplify administering your instances (depending on your use case). If you are just starting out with Google Cloud SQL, we recommend that you start with the one of these tools first before working with the REST API directly.

Contents

Activating the API

To use the Google Cloud SQL API, you need to activate it in the Google Cloud Platform Console:

  1. In the Google Cloud Platform Console, select a project.

  2. In the API Manager component, click on Google Cloud SQL API.

  3. In the Google Cloud SQL API component, select Enable API.

Note that the Google Cloud SQL API component is different than the Google Cloud SQL component. The latter component must be enabled for you to manage instances in the Google Cloud Platform Console and the Cloud SDK.

Authorizing requests

Every request your application sends to the Google Cloud SQL API must include an authorization token. The token also identifies your application to Google.

About authorization protocols

Your application must use OAuth 2.0 to authorize requests. No other authorization protocols are supported. If your application uses Google Sign-In, some aspects of authorization are handled for you.

Authorizing requests with OAuth 2.0

All requests to the Google Cloud SQL API must be authorized by an authenticated user.

The details of the authorization process, or "flow," for OAuth 2.0 vary somewhat depending on what kind of application you're writing. The following general process applies to all application types:

  1. When you create your application, you register it using the Google Cloud Platform Console. Google then provides information you'll need later, such as a client ID and a client secret.
  2. Activate the Google Cloud SQL API in the Google Cloud Platform Console. (If the API isn't listed in the Cloud Platform Console, then skip this step.)
  3. When your application needs access to user data, it asks Google for a particular scope of access.
  4. Google displays a consent screen to the user, asking them to authorize your application to request some of their data.
  5. If the user approves, then Google gives your application a short-lived access token.
  6. Your application requests user data, attaching the access token to the request.
  7. If Google determines that your request and the token are valid, it returns the requested data.

Some flows include additional steps, such as using refresh tokens to acquire new access tokens. For detailed information about flows for various types of applications, see Google's OAuth 2.0 documentation.

Here's the OAuth 2.0 scope information for the Google Cloud SQL API:

Scope Meaning
https://www.googleapis.com/auth/sqlservice.admin Read/write access to Google Cloud SQL.
https://www.googleapis.com/auth/cloud-platform Instances.import and Instances.export need this additional scope.

To request access using OAuth 2.0, your application needs the scope information, as well as information that Google supplies when you register your application (such as the client ID and the client secret).

Google Cloud SQL and Google APIs Discovery Service

Google APIs Discovery Service is a service that you can use to discover Google APIs. For example, when you use the Google APIs Explorer tool, you are using the Discovery Service. In the Discovery Service, Google Cloud SQL is represented as "sqladmin" (for example: https://www.googleapis.com/discovery/v1/apis/sqladmin/v1beta4/sql.operation). This is different than the base path "sql" that you use in requests to the REST API (for example: https://www.googleapis.com/sql/v1beta4/projects/example-id/instances).

Some client libraries also use the Discovery Service. In the client creation code, be sure to use "sqladmin" to access the correct discovery document. For more information, see Client Libraries.

Google Cloud SQL API examples

This section shows some examples of submitting requests to the Google Cloud SQL API from the command line using the Google Cloud SDK and cURL commands. After you authenticate once with the Cloud SDK (gcloud auth login), all subsequent authentication is handled for you. When you use the cURL command, you need to provide an authentication token for each request.

For a more complete set of examples using the Google Cloud SDK to manage your instances, see Managing Instances Using the Cloud SDK. To create Google Cloud SQL instances, you must enable billing for your project.

For more examples of using the APIs, see the page for the request in the Google Cloud SQL API Reference. Each page has examples calling the API in several programming languages, as well as a request-specific Explorer to help you see what goes into a well-formed request and what to expect in the response.

Request the available tiers

To test your access to the Google Cloud SQL API, try requesting information about the available tiers (such as D1, D2 and so on). You need an access token to request the list of tiers, but you do not need any project-specific information.

The following example sends a request to list the available tiers.

gcloud

Uses the gcloud sql command line tool in the Google Cloud SDK.

$ gcloud sql tiers list

cURL

Uses cURL.

curl --header 'Authorization: Bearer accessToken' \
     --header 'Content-Type: application/json' \
     https://www.googleapis.com/sql/v1beta4/projects/your-project-id/tiers

Get the Google Cloud SQL instances in a project

The following example sends a request to list the Google Cloud SQL instances in the project whose ID is your-project-id.

gcloud

Uses the gcloud sql command line tool in the Google Cloud SDK.

$ gcloud config set project your-project-id
$ gcloud sql instances list

cURL

Uses cURL.

curl --header 'Authorization: Bearer accessToken' \
     --header 'Content-Type: application/json' \
     https://www.googleapis.com/sql/v1beta4/projects/your-project-id/instances

Get information about a Google Cloud SQL instance

The following example sends a request to get information about the your-instance-name instance in your-project-id project.

gcloud

Uses the gcloud sql command line tool in the Google Cloud SDK.

$ gcloud config set project your-project-id
$ gcloud sql instances describe your-instance-name

cURL

Uses cURL.

curl --header 'Authorization: Bearer accessToken' \
     --header 'Content-Type: application/json' \
     https://www.googleapis.com/sql/v1beta4/projects/your-project-id/instances/your-instance-name

Create a First Generation instance

The following command sends a request to insert (create) a new Google Cloud SQL D2 instance named your-instance-name in the your-project-id project. You can get information about the newly created instance and check when the instance state to see if the instance is ready to use.

gcloud

Uses the gcloud sql command line tool in the Google Cloud SDK.

$ gcloud config set project your-project-id
$ gcloud sql instances create your-instance-name --tier D2

cURL

Uses cURL.

curl --header 'Authorization: Bearer accessToken' \
     --header 'Content-Type: application/json' \
     https://www.googleapis.com/sql/v1beta4/projects/your-project-id/instances \
     --data '{"instance" : "your-instance-name", "project" : "your-project-id", "settings" : {"tier" : "D2"}}' -X POST

Import a database from a MySQL dump file on Google Cloud Storage into a Google Cloud SQL instance

The following commands send a request to import a SQL dump file into the your-instance-name instance in the your-project-id project.

gcloud

Uses the gcloud sql command line tool in the Google Cloud SDK.

$ gcloud config set project your-project-id
$ gcloud sql instances import your-instance-name gs://yourbucket/sqldumptoimport.gz

cURL

Uses cURL.

curl --header 'Authorization: Bearer accessToken' \
     --header 'Content-Type: application/json' \
     https://www.googleapis.com/sql/v1beta4/projects/your-project-id/instances/your-instance-name/import  \
    --data '{"importContext" : { "kind": "sql#importContext","uri": ["gs://yourbucket/sqldumptoimport"]}}' -X POST

Send feedback about...

Cloud SQL Documentation