Connect to Cloud SQL for PostgreSQL from Cloud Functions

Learn how to deploy a sample app on Cloud Functions connected to a PostgreSQL instance by using the Google Cloud console and a client application.

Assuming that you complete all the steps in a timely manner, the resources created in this quickstart typically cost less than one dollar (USD).

Before you begin

  1. Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.
  2. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Go to project selector

  3. Make sure that billing is enabled for your Google Cloud project.

  4. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Go to project selector

  5. Make sure that billing is enabled for your Google Cloud project.

  6. Enable the Cloud APIs necessary to run a Cloud SQL sample app on Cloud Functions.

    Console

    Click Enable APIs to enable the APIs required for this quickstart.

    Enable APIs

    This enables the following APIs:

    • Cloud Functions API
    • Cloud SQL Admin API
    • Cloud Run Admin API
    • Cloud Build API
    • Artifact Registry API
    • Eventarc API
    • Compute Engine API
    • Service Networking API
    • Cloud Logging API

    gcloud

    Click the following button to open Cloud Shell, which provides command-line access to your Google Cloud resources directly from the browser. Cloud Shell can be used to run the gcloud commands presented throughout this quickstart.

    Open Cloud Shell

    Run the following gcloud command using Cloud Shell:

    gcloud services enable cloudfunctions.googleapis.com sqladmin.googleapis.com run.googleapis.com cloudbuild.googleapis.com artifactregistry.googleapis.com eventarc.googleapis.com compute.googleapis.com servicenetworking.googleapis.com pubsub.googleapis.com logging.googleapis.com

    This command enables the following APIs:

    • Cloud Functions API
    • Cloud SQL Admin API
    • Cloud Run API
    • Cloud Build API
    • Artifact Registry API
    • Eventarc API
    • Compute Engine API
    • Service Networking API
    • Cloud Logging API
  7. Add the Cloud Functions Invoker IAM role to your user.

    Add the role

Set up Cloud SQL

Create a Cloud SQL instance

Create a database

Console

  1. In the Google Cloud console, go to the Cloud SQL Instances page.

    Go to Cloud SQL Instances

  2. Select quickstart-instance.
  3. From the SQL navigation menu, select Databases.
  4. Click Create database.
    1. In the Database name field of the New database dialog box, enter quickstart-db.
    2. Click Create.

gcloud

Run the gcloud sql databases create command to create a database.

gcloud sql databases create quickstart-db --instance=quickstart-instance

Create a user

Console

  1. In the Google Cloud console, go to the Cloud SQL Instances page.

    Go to Cloud SQL Instances

  2. To open the Overview page of an instance, click the instance name.
  3. From the SQL navigation menu, select Users.
  4. Click Add user account.
  5. In the Add a user account page for the quickstart-instance, add the following information:
    • In the Username field, enter quickstart-user.
    • In the Password field, specify a password for your database user. Make a note of this for use in a later step of this quickstart.
  6. Click Add.

gcloud

Before running the following command, make the following replacements:

  1. DB_PASS with a password for your database user. Make a note of this for use in a later step of this quickstart.

Run the gcloud sql users create command to create the user.

gcloud sql users create quickstart-user \
--instance=quickstart-instance \
--password=DB_PASS

User name length limits are the same for Cloud SQL as for on-premises PostgreSQL.

Configure a Cloud Functions service account

Configure the service account used by Cloud Functions so that it has the Cloud SQL Client role with permissions to connect to Cloud SQL.

Console

  1. In the Google Cloud console, go to the IAM page.

    Go to IAM

  2. For the service account named Compute Engine default service account, click the pencil icon.
  3. Click ADD ANOTHER ROLE.
  4. Add the Role named Cloud SQL Client.
  5. Click Save.

gcloud

  1. Run the following gcloud command to get a list of your project's service accounts:
    gcloud iam service-accounts list
  2. Copy the EMAIL of the Compute Engine service account.
  3. Run the following command to add the Cloud SQL Client role to Compute Engine service account:
    gcloud projects add-iam-policy-binding YOUR_PROJECT_ID \
      --member="serviceAccount:SERVICE_ACCOUNT_EMAIL" \
      --role="roles/cloudsql.client"

Create a function

  1. In the Google Cloud console, go to the Cloud Functions page.

    Go to Cloud Functions

  2. Click Create function.
  3. For the Environment, select 2nd gen.
  4. In the Function name field, enter quickstart-function.
  5. In the Authentication region, select Allow unauthenticated invocations.
  6. Click Next.
  7. From the Runtime menu, select one of the following languages:
  8. Language Version number
    Go 1.20
    Java 17
    Node.js 18
    Python 3.10
  9. In the Source code menu, verify that the Inline editor is selected. In this step, you use the default function provided in the editor.

Deploy the function

  1. At the bottom of the Cloud Functions page, click Deploy. The Google Cloud console redirects you to the function's details page.
  2. When the function deployment is complete, click the URL link to see a web browser displaying the message Hello, World!.

Deploy the Cloud SQL sample app as a function

You configure and deploy the Cloud SQL sample app as a function in Cloud Functions. First, you use Cloud Shell to configure and build the sample app. Then, you use Cloud Functions to deploy the sample app.

There are two ways to configure, build, and deploy the app depending on if you created a Cloud SQL for PostgreSQL instance with a Public IP or a Private IP.

Configure a Cloud SQL sample app

Deploy the sample app

The steps to deploy the sample to Cloud Functions depend on the type of IP address you assigned to your Cloud SQL instance.

Clean up

To avoid incurring charges to your Google Cloud account for the resources used on this page, follow these steps.

  1. In the Google Cloud console, go to the Cloud SQL Instances page.

    Go to Cloud SQL Instances

  2. Select the quickstart-instance instance to open the Instance details page.
  3. In the icon bar at the top of the page, click Delete.
  4. In the Delete instance dialog box, type quickstart-instance, and then click Delete to delete the instance.
  5. In the Google Cloud console, go to the Cloud Functions page.

    Go to Cloud Functions

  6. Select the checkbox next to the quickstart-function service name.
  7. Click Delete at the top of the Cloud Functions page.

Optional cleanup steps

If you're not using the Cloud SQL client role that you assigned to the Compute Engine service account, you can remove it.

  1. In the Google Cloud console, go to the IAM page.

    Go to IAM

  2. Click the edit icon (which looks like a pencil) for the IAM account named Compute Engine default service account.
  3. Delete the Cloud SQL client role.
  4. Click Save.

If you're not using the APIs that were enabled as part of this quickstart, you can disable them.

  • APIs that were enabled within this quickstart:
    • Compute Engine API
    • Cloud SQL Admin API
    • Cloud Run API
    • Container Registry API
    • Cloud Build API
  1. In the Google Cloud console, go to the APIs page.

    Go to APIs

  2. Select any API that you would like to disable and then click the Disable API button.

What's next

Based on your needs, you can learn more about creating Cloud SQL instances.

You also can learn about creating PostgreSQL users and databases for your Cloud SQL instance.

For more information about pricing, see Cloud SQL for PostgreSQL pricing.

Learn more about:

  • Configuring your Cloud SQL instance with a public IP address.
  • Configuring your Cloud SQL instance with a private IP address.

Additionally, you can learn about connecting to a Cloud SQL instance from other Google Cloud applications: