This page provides information about the settings available for Cloud SQL instances.
Settings for Cloud SQL for PostgreSQL
Setting | Modifiable after creation? | Possible values |
---|---|---|
Instance ID | N | Composed of lowercase letters, numbers, and hyphens; must start with a letter. The total length must be 98 characters or less. |
Region | N |
For Cloud SQL Enterprise Plus edition:africa-south1 — Johannesburgasia-east1 — Taiwanasia-east2 — Hong Kongasia-northeast1 — Tokyoasia-northeast2 — Osakaasia-northeast3 — Seoulasia-south1 — Mumbaiasia-south2 — Delhiasia-southeast1 — Singaporeasia-southeast2 — Jakartaaustralia-southeast1 — Sydneyaustralia-southeast2 — Melbourneeurope-central2 — Warsaweurope-north1 — Finlandeurope-southwest1 — Madrideurope-west1 — Belgiumeurope-west2 — Londoneurope-west3 — Frankfurteurope-west4 — Netherlandseurope-west6 — Züricheurope-west8 — Milaneurope-west9 — Pariseurope-west10 — Berlineurope-west12 — Turinme-central1 — Dohame-central2 — Dammamme-west1 — Tel Avivnorthamerica-northeast1 — Montréalnorthamerica-northeast2 — Torontosouthamerica-east1 — San Paulosouthamerica-west1 — Santiagous-central1 — Iowaus-east1 — South Carolinaus-east4 — Northern Virginiaus-east5 — Columbusus-south1 — Dallasus-west1 — Oregonus-west2 — Los Angelesus-west3 — Salt Lake Cityus-west4 — Las VegasFor Cloud SQL Enterprise edition: africa-south1 — Johannesburgasia-east1 — Taiwanasia-east2 — Hong Kongasia-northeast1 — Tokyoasia-northeast2 — Osakaasia-northeast3 — Seoulasia-south1 — Mumbaiasia-south2 — Delhiasia-southeast1 — Singaporeasia-southeast2 — Jakartaaustralia-southeast1 — Sydneyaustralia-southeast2 — Melbourneeurope-central2 — Warsaweurope-north1 — Finlandeurope-southwest1 — Madrideurope-west1 — Belgiumeurope-west2 — Londoneurope-west3 — Frankfurteurope-west4 — Netherlandseurope-west6 — Züricheurope-west8 — Milaneurope-west9 — Pariseurope-west10 — Berlineurope-west12 — Turinme-central1 — Doha me-central2 — Dammamme-west1 — Tel Avivnorthamerica-northeast1 — Montréalnorthamerica-northeast2 — Torontonorthamerica-south1 - Mexicosouthamerica-east1 — São Paulosouthamerica-west1 — Santiagous-central1 — Iowaus-east1 — South Carolinaus-east4 — Northern Virginiaus-east5 — Columbusus-south1 — Dallasus-west1 — Oregonus-west2 — Los Angelesus-west3 — Salt Lake Cityus-west4 — Las Vegas |
Zone | Y | The possible values depend on the region. |
Database version | N |
For Cloud SQL Enterprise Plus edition:
Console string API enum string PostgreSQL 17 Console string API enum string PostgreSQL 17 |
SSL mode | Y | Enforces/enables SSL as follows:
|
Server CA mode | N | Lets you configure the server certificate authority (CA) for an instance. You can select one of the following available server CA options:
This instance setting is in Preview. |
Set edition | Y |
|
Set password policy | Y | Configured or not. |
Private IP | After it's activated, it can't be deactivated. | Activated or deactivated. |
Public IP | Y | Activated or deactivated. |
Authorized networks | Y | If Public IP is enabled, IP addresses authorized to connect to the instance. You can also specify this value as an IP address range, in CIDR notation. |
Private path for Google Cloud services | Y | Activated or deactivated. |
Data cache | Y | Activated or deactivated. |
Machine type | Y | Select from Shared core or Dedicated core. For Shared core, each machine type is classified by the number of CPUs (cores) and amount of memory for your instance. For Dedicated core, instead of selecting a predefined configuration, select the Custom radio button to create a custom machine type. Learn more |
Cores | Y |
For Cloud SQL Enterprise Plus edition: 2 to 128 (predefined machine types only) For Cloud SQL Enterprise edition: 1 to 96 (must be either 1 or an even number) Partial for shared vCPU |
Memory | Y |
For Cloud SQL Enterprise Plus edition:
6.75 GB to 8 GB per vCPU. The 6.75 GB to 1 vCPU ratio is for the db-perf-optimized-N-128 machine type only. All other machine types have the 8 GB to 1 vCPU ratio.
For Cloud SQL Enterprise edition: 0.9 GB to 6.5 GB per vCPU (must be a multiple of 256 MB and at least 3.75 GB). |
Storage type | N |
SSD (default value) HDD (Cloud SQL Enterprise edition only) |
Storage capacity | Y (Increase only) |
Instances with at least one unshared vCPU can have up to 64 TB. Instances with a shared vCPU can have up to 3054 GB. Note that creating or increasing storage capacity to 64 TB might increase latency of common operations, such as backups, dependent on your workload. |
Enable automatic storage increases | Y |
On (default value) Off |
Data encryption method | N |
Google-managed encryption key (default value) Cloud KMS key |
Automatic storage increase limit | Y | In GBs. 0 (the default) means there is no limit. |
Backups | Y |
On (default value) Off |
Locations options | Y | Multi-region (default value) Region There is also a drop-down menu with a list of multi-regions when you select Multi-region or regions when you select Region. |
Instance deletion protection | Y | Activated or deactivated. |
Enable point-in-time recovery | Y (see note) |
On (default value) Off |
Availability: Single zone | Y |
On (default value) Off |
High availability (regional) | Y |
On Off (default value) |
Maintenance: Maintenance window | Y |
Any (default value) Day of the week and hour of the day |
Maintenance: Maintenance timing | Y |
Any (default value) Canary (also Week 1 (was Earlier) / Preview) Stable (also Week 2 (was Later) / Production) Week 5 |
Database flags | Y | See Configuring Database Flags. |
- Instance ID
The instance ID is the name of the instance. It is used to uniquely identify your instance within the project. Choose an instance name that is aligned with the purpose of the instance when possible.
The total length of
You do not need to include the project ID in the instance name. This is done automatically where appropriate (for example, in the log files).project-ID:instance-ID
must be 98 characters or less.- Region
- The Google Cloud region where your instance is located. Regions are independent geographic areas that consist of zones. Zones and regions are logical abstractions of underlying physical resources. A region consists of three or more zones housed in three or more physical data centers. The regions Mexico, Osaka, and Montreal have three zones housed in one or two physical data centers. These regions are in the process of expanding to at least three physical data centers. When you architect your solutions in Google Cloud, consider the guidance in Cloud locations, Google Cloud Platform SLAs, and the appropriate Google Cloud product documentation. You can only set the region during instance creation. To improve performance, keep your data close to the services that need it. For more information, see Instance Locations.
- Zone
- The Google Cloud zone where your instance is located. If you are connecting from a Compute Engine instance, select the zone where the Compute Engine instance is located. Otherwise, accept the default zone. You can edit the instance later to change the zone, if needed. For more information, see Instance Locations.
- Machine Type
-
Determines memory and virtual cores available to your Cloud SQL instance. Machine type availability is determined by your Cloud SQL edition.
For workloads that require real-time processing, such as online transaction processing (OLTP), make sure that your instance has enough memory to contain the entire working set. However, there are other factors that can impact memory requirements, such as number of active connections, and internal overhead processes. You should perform load testing to avoid performance issues in your production environment.
When you configure your instance, select enough memory and vCPUs to handle your workload, and upgrade as your workload increases. A machine configuration with insufficient vCPUs could lose its SLA coverage. For more information, see Operational guidelines.
Machine types for Cloud SQL Enterprise Plus edition instances For Cloud SQL Enterprise Plus edition instances, machine types are predefined as follows:
Enterprise plus machine type vCPUs Memory (GB) Local SSD db-perf-optimized-N-2 2 16 375 db-perf-optimized-N-4 4 32 375 db-perf-optimized-N-8 8 64 375 db-perf-optimized-N-16 16 128 750 db-perf-optimized-N-32 32 256 1500 db-perf-optimized-N-48 48 384 3000 db-perf-optimized-N-64 64 512 6000 db-perf-optimized-N-80 80 640 6000 db-perf-optimized-N-96 96 768 6000 db-perf-optimized-N-128 128 864 9000 gcloud sql instances create
command. Custom instance configurations let you select the amount of memory and CPUs that your instance needs. This flexibility lets you choose the appropriate VM shape for your workload.Machine type names use the following format:
db-custom-#-#
Replace the first # placeholder with the number of CPUs in the machine, and the second # placeholder with the amount of memory in the machine.
For example, if your machine name is
db-custom
, and your machine has 1 CPU and 3840 MB of RAM, then the format for the machine would bedb-custom-1-3840
.When selecting the number of CPUs and amount of memory, there are some restrictions on the configuration you choose:
- vCPUs must be either 1 or an even number between 2 and 96.
- Memory must be:
- 0.9 to 6.5 GB per vCPU
- A multiple of 256 MB
- At least 3.75 GB (3840 MB)
The following table lists the names of each legacy machine type, the number of CPUs and RAM for each machine type, and the resultant string for the machine type.
You can create the equivalent machine type by specifying the equivalent CPU and RAM in the Google Cloud console, by using the gcloud CLI, or by specifying
db-custom-#-#
in the API.Legacy machine type vCPUs Memory (MBs) db-custom-CPU-RAM string (API tier string) db-n1-standard-1 1 3840 db-custom-1-3840 db-n1-standard-2 2 7680 db-custom-2-7680 db-n1-standard-4 4 15360 db-custom-4-15360 db-n1-standard-8 8 30720 db-custom-8-30720 db-n1-standard-16 16 61440 db-custom-16-61440 db-n1-standard-32 32 122880 db-custom-32-122880 db-n1-standard-64 64 245760 db-custom-64-245760 db-n1-standard-96 96 368640 db-custom-96-368640 db-n1-highmem-2 2 13312 db-custom-2-13312 db-n1-highmem-4 4 26624 db-custom-4-26624 db-n1-highmem-8 8 53248 db-custom-8-53248 db-n1-highmem-16 16 106496 db-custom-16-106496 db-n1-highmem-32 32 212992 db-custom-32-212992 db-n1-highmem-64 64 425984 db-custom-64-425984 db-n1-highmem-96 96 638976 db-custom-96-638976 Your machine type affects the cost of your instance. For more information, see Instance Pricing. You can also see pricing for various scenarios with the Pricing Calculator.
- Set password policy
The password policy for the instance. It includes the following options:
- Minimum length: Specifies the minimum number of characters that the password must have.
- Password complexity: Checks if the password is a combination of lowercase, uppercase, numeric, and non-alphanumeric characters.
- Restrict password reuse: Specifies the number of previous passwords that you cannot reuse.
- Disallow username: Prevents the use of the username in the password.
- Set password change interval: Specifies the minimum duration after which you can change the password.
- Cores
The number of CPUs for your instance. You can also choose to create an instance with less than one CPU (a shared code instance, or shared vCPU).
- Memory
-
The amount of memory available for your instance. For performance-sensitive workloads such as online transaction processing (OLTP), make sure that your instance has enough memory to contain the entire working set. However, there are other factors that can impact memory requirements, such as number of active connections. Perform load testing to avoid performance issues in production.
- Database version
- Unless you need a capability provided only by a specific version,
accept the default database version (PostgreSQL 15).
For
gcloud
command and REST API usage, see the reference documentation. - Storage type
- Choosing SSD, the default value, provides your instance with SSD storage. SSDs provide lower latency and higher data throughput. If you do not need high-performance access to your data, for example for long-term storage or rarely accessed data, you can reduce your costs by choosing HDD.
- SSL mode
-
(Optional) The SSL/TLS options for a database connection. Cloud SQL uses SSL/TLS to establish secure, authenticated, and encrypted connections to instances. You can use the SSL mode setting
sslMode
to enforce all database connections to an instance to use SSL/TLS encryption. You can also use this setting to enforce verification of client certificates. This setting gives you more granular controls over your SSL connections compared torequireSsl
. We recommend that you usesslMode
. For more information, see IpConfiguration. You can enforce SSL when you create an instance or update it for any existing instance. - Server CA mode
-
(Optional) When you create an instance, you can select the server CA mode for the instance.
GOOGLE_MANAGED_INTERNAL_CA
: this is the default value. Cloud SQL creates a new self-signed server CA for each instance.GOOGLE_MANAGED_CAS_CA
: the instance uses a server CA hierarchy hosted by Certificate Authority Service and the issuing CAs are shared across all instances in the same region.
For more information about these options, see Certificate authority (CA) hierarchies. Server CA mode is in Preview.
- Storage capacity
-
Choose a capacity to fit your database size. After you have created your instance, you can manually increase the storage capacity by editing your instance configuration, but you cannot decrease it. Increasing the storage capacity does not cause downtime.
The amount of storage capacity allocated for your instance affects the cost of your instance. For more information, see Storage and Networking Pricing.
For read replicas, the storage capacity must always be at least as high as the storage capacity of the primary instance. When a primary instance is resized, all read replicas are resized, if needed, so that they have at least as much storage capacity as the updated primary instance.
- Enable automatic storage increases
If you enable this setting, Cloud SQL checks your available storage every 30 seconds. If the available storage falls below a threshold size, Cloud SQL automatically adds additional storage capacity. If the available storage repeatedly falls below the threshold size, Cloud SQL continues to add storage until it reaches the maximum of 64 TB.
The automatic storage increase setting of a primary instance automatically applies to any read replicas of that instance. The automatic storage increase setting cannot be independently set for read replicas.
Threshold
The threshold size depends on the amount of storage currently provisioned for your instance; it cannot be larger than 25 GB.
For instances provisioned with 500 GB of storage (or more), the threshold is always 25 GB.
For instances provisioned with less than 500 GB of storage, this formula is used to calculate the threshold:
5 + (provisioned storage)/25
The result of the division is rounded down to the nearest whole number.
Threshold calculation for an instance with 66 GB storage capacity:
Threshold calculation for an instance with 1000 GB storage capacity:5 + (1/25th of 66 GB) = 5 + (66/25) = 5 + 2.6 -> 5 + 2 = 7 GB
5 + (1/25th of 1000 GB) = 5 + (1000/25) = 5 + 40 = 45 -> rounded down to the maximum value of 25 GB
Amount of storage added
The amount of storage added to the instance is equal to the threshold size, which cannot be larger than 25 GB.
Considerations for large disks
For instances provisioned with storage of 500 GB or more, the threshold size is always 25 GB and the amount of storage added is always 25 GB. As a result, the maximum possible empty space is 50 GB. If you do not manually resize the instance with disk greater than 5 TB, the disk can remain at 99% capacity all the time even though the instance has empty space.
Before an operation that rapidly grows disk space usage, such as a large import or a query that requires a large temp table, manually resize the disk, rather than depend on autogrow to keep up.
- Data encryption method
-
By default, your Cloud SQL instance is encrypted with a Google-managed key. If you want to control this key, then use a customer-managed encryption key (CMEK) in Cloud Key Management Service (KMS). Cloud KMS integrates with Cloud SQL.
Using Cloud KMS keys gives you control over their protection level, location, rotation schedule, usage and access permissions. In addition, you can use various encryption keys across resources. Using Cloud KMS also lets you track key usage, view audit logs, and control key life cycles.
Instead of Google owning and managing the keys that protect your data, you control and manage these keys in Cloud KMS.
For more information about CMEKs, see About customer-managed encryption keys (CMEKs).
- Automatic storage increase limit
If you enable the automatic storage increase setting, you can provide a specific limit on how large the storage for your instance can automatically grow. Keep in mind that the bigger the size of the instance, the greater the operational latency.
You can't decrease storage size, so this limit can prevent your instance size from growing too large (due to a temporary increase in traffic). Keep in mind that when an instance becomes unable to add storage that it needs, the instance likely stops accepting incoming connections and could go offline.
Setting this limit to zero, the default value, means that there is no limit (other than the maximum available storage for the instance tier).
To set the limit when you create the instance, use the
--storage-auto-increase-limit=INTEGER_VALUE_OF_GB
parameter, as described on the create instance page. To set the limit on an existing instance, use the same parameter with thegcloud beta sql instances patch
command.The automatic storage increase limit setting of a primary instance automatically applies to any read replicas of that instance. The automatic storage increase limit setting cannot be independently set for read replicas.
- Automated backups and point-in-time recovery
-
These options determine if automated backups are performed and if write-ahead logging is enabled. Both options add a small performance cost and use additional storage, but are required for the creation of replicas and clones, and for point-in-time recovery. When you select this option, you can also select a timeframe when automated backups occur.
Automated backups happen daily, during the time window you choose. At the end of seven days, the oldest backup is deleted.
For information about point-in-time recovery, see Overview of point-in-time recovery.
For information about replication, see Replication Options. For information about cloning instances, see Cloning Instances.
- Retention settings for automated backups
-
The default value for the number of retained backups is 7 but you can change it to any value in the range of 1 to 365.
See Automated backup and transaction log retention for more information.
- Location options
-
You can choose to store backups in multiple or single regions. Multi-region is the default, and the recommended choice because it provides protection against downtime when a region becomes unavailable. Backups are stored in regions that are closest to the instance.
You also have the option of selecting a custom location for your backup. Only use this option if required by regulation or if an organization policy requires your backups to be in specific multiple or single regions. See Custom locations for more information.
- Instance deletion protection
-
Protects an instance against accidental deletion. If this setting is enabled, you must deactivate it before deleting the instance. See Prevent deletion of an instance.
- Enable point-in-time recovery
-
Point-in-time recovery lets you recover from a backup, starting from a specific point in time.
For information about point-in-time recovery, see Overview of point-in-time recovery.
- Availability: Zonal
Puts your instance and backups in a single zone. When you select this option, there is no failover in the event of an outage. Recommended only for test and development purposes.
- High availability (regional)
When you select High availability (regional), if there is an outage, your instance fails over to another zone in the region where your instance is located, as long as the failover zone is not having an outage. It is recommended that you select High availability (regional) for instances in your production environment.
- Maintenance window
-
The day and hour that your maintenance events for the Cloud SQL instance are scheduled. For Cloud SQL Enterprise Plus edition primary instances, the maintenance downtime is typically less than 1 second. For all other instances, maintenance downtime is typically 60 seconds or less on average.
Read replicas do not support maintenance window settings at this time.
For more information about maintenance, see About maintenance on Cloud SQL instances.
- Maintenance timing
Your preference about the relative timing of maintenance updates. You can receive your updates one or two weeks after the notification and test your maintenance updates in a test environment before your production instances get the update. You can also choose to receive the maintenance update five weeks ("
week5
") after the notification is sent out. The maintenance timing setting doesn't affect the maintenance version that Cloud SQL applies to your instance.If you don't set the maintenance timing setting, Cloud SQL chooses the timing of updates to your instance (within its maintenance window, if applicable).
For more information about maintenance, see About maintenance on Cloud SQL instances.
- Private IP
- Configures your instance to use private IP. Learn more.
- Public IP
- If enabled, your instance is allocated a public IPv4 address. When you deactivate Public IP, that address is released; you can reenable Public IP later, but you receive a different IPv4 address. By default, the public IP address is blocked for all addresses. Use Authorized networks to enable access.
- You can add specific IP addresses or ranges of addresses to
open your instance to those addresses.
For information about configuring IP addresses, see Configuring IP connectivity.
- Private path for Google Cloud services
By selecting this check box, you allow other Google Cloud services, such as BigQuery, to access data in Cloud SQL and make queries against this data over a private connection.
This check box is enabled only if you select the Private IP check box, and you add or select an authorized network to create a private connection.
- Data cache
Data cache is optional for Cloud SQL for PostgreSQL Enterprise Plus edition instances. Data cache utilizes local SSDs to extend the OS page cache from memory to the SSD tier. Cloud SQL manages this setting. Caching your entire working set provides maximum performance when using data cache. You can use the Google Cloud console, gcloud CLI, or Cloud SQL Admin API to turn this setting on or off for your Cloud SQL for PostgreSQL Enterprise Plus edition instances.
- Activation policy
- You change the activation policy by starting and stopping the instance. Stopping the instance prevents further instance charges.
- Database flags
-
You can set specific database flags on the Cloud SQL instance.
For a complete list of the database flags you can set, see Configure Database Flags.
Impact of changing instance settings
For most instance settings, Cloud SQL applies the change immediately and connectivity to the instance is unaffected.
If you're using Cloud SQL Enterprise edition, then changing the number of CPUs or the memory size results in the instance going offline for less than 60 seconds. The total time for the changes to take effect can take several minutes. Changing an instance's zone, configuring the private IP, changing its network, and enabling high availability results i n the instance going offline for several minutes.
If you're using Cloud SQL Enterprise Plus edition, then you can make some instance setting changes, such as scaling up vCPUs or enabling or disabling data cache, with near-zero downtime. For more information, see Availability in Cloud SQL.
Cloud SQL automatically manages the value of the
max_connections
flag based on the amount of memory on the instance
(for more information, see supported
flags). PostgreSQL requires
that the value of max_connections
is always at least as large on a
read replica as it is on its primary. Therefore, if the read replicas have less
memory than the primary, changing the amount of memory on the primary might
result in its read replicas going offline for less than 60 seconds. This happens
because the read replicas might need to receive a new value of max_connections
to remain consistent with the change on the primary, and updating the value of
max_connections
requires restarting PostgreSQL. To prevent this
from happening, set the max_connections
flag on the primary to a
value of your choice.
Plan to make these kinds of changes when your service can handle an outage of this duration.
What's next
- Learn how to edit your instance.
- Learn more about database flags.
- Learn how to authorize IP access for your instance.
- Learn more about replication options.
- See pricing for your instance.
- Learn more about options for connecting to your instance.
- Learn how to configure an IP address for your instance.
- View all the Google Cloud services available in locations worldwide.