This page describes what you, as a Cloud SQL customer, are responsible for and what Google is responsible for.
Introduction
Cloud SQL is a fully managed database service that simplifies deployment, maintenance, and management of relational databases in the cloud. Cloud SQL offers meaningful insights and manageability features, significantly reducing user toil.
As a Cloud SQL customer, you are responsible for configuring and operating Cloud SQL for your workload needs to get the most value from the service.
Google's responsibilities
- Provision and maintain the underlying infrastructure, including hardware, firmware, kernel, OS, storage, network and more:
- Secure the low-level infrastructure, which includes the physical premises, the hardware in Google data centers, and the low-level software stack running on the machines.
- Encrypt data in a Cloud SQL instance at rest by default and enable customer-managed encryption in transit.
- Install and maintain the database software.
- Provide configuration and tools to secure your Cloud SQL instance.
- Provide limited access to database-specific functionality available to customers using flags, stored procedures, and plugins.
- Increase instance storage capacity for instances configured to enable automatic storage increase.
- Provide maintenance notifications, allow maintenance deferrals, and set maintenance denial periods.
- Apply database vendor-provided fixes to instances as part of scheduled maintenance.
- Make database vendor-provided fixes for known security vulnerabilities available for customers to apply proactively using self-service maintenance
- Provide monitoring telemetry for various instance components including but not limited to:
- CPU
- Storage
- Network
- Memory
- User connections
- Provide disaster recovery capabilities in case of regional outages for instances configured with cross-region read replicas and instances configured with multi-region backups.
- Provide high availability in case of zonal outages on instances configured for high availability (HA).
- Provide actionable insights into instance sizing and idleness for cost optimization with the Recommender service.
- Provide Google Cloud integrations for Identity and Access Management (IAM), tags, Cloud Logging, Cloud Key Management Service and Network Intelligence Center.
Customer responsibilities
- Create instances with the appropriate version, location, size and database flags.
- Create and administer databases and any user-created code on the instance.
- Secure access, authentication, and authorization using appropriate controls.
- Configure and troubleshoot connectivity from client-side tooling to the Cloud SQL instance.
- Configure the Cloud SQL instance for high availability and zonal/regional disaster recovery.
- Use the maintenance features to control the business impact from maintenance events.
- Manage, tune, and optimize the database performance based on the workload and instance configuration.
- Configure storage capacity to accommodate future growth necessary for critical database maintenance events.